The Government said the funding comes after the National Cyber Security Centre (NCSC) identified a heightened cyber threat to the UK health sector in relation to the pandemic.
Digital Infrastructure Minister Matt Warman said: “We know there is a heightened cyber threat for healthcare businesses at the moment so we are releasing new funding to help those playing a vital role in the pandemic response to remain resilient.”
“I also urge all organisations to sign up to the government’s Cyber Essentials programme which contains a number of simple steps firms can take to get the fundamentals of good cyber security in place.”
The move is also in response to a recent survey, which found 46% of organisations had suffered a cyber security breach in the past 12 months (Cyber Security Breaches Survey 2020).
Paul Chichester, the NCSC’s Director of Operations, said: “Protecting healthcare has been our top priority during the Covid-19 pandemic and we have been working hard to ensure organisations can keep themselves secure.”
“While we will continue to support them, signing up to initiatives such as Cyber Essentials is an excellent way for organisations to help themselves.”
Phillip Hay, head of threat intelligence analysis at Mimecast, responded to the news: “It is encouraging to see the government taking the cyber-threat to the healthcare industry seriously. The COVID-19 pandemic has seen a significant rise in the reliance on the internet for healthcare professionals to carry out their job. From connectivity with patients, to the interconnectivity of different medical devices passing patient data, the threat vector has expanded dramatically. This has made the sector an attractive target for cybercriminals, with the wealth of research, personal, and confidential data available to them. Recent research, commissioned by Mimecast surveying healthcare professionals, found that 41% are seeing cyber-attacks against their organisation take place on a weekly basis.”
“It remains so important that healthcare professionals are as vigilant to cyber-threats as possible. One minor lapse of cyber hygiene can lead to a cybersecurity attack. These can result in service disruption, potentially postponing treatment for patients; or they can lead to huge amounts of data being leaked to hackers with nefarious intent. This investment is a welcome incentive, but needs to be combined with employee awareness training along with a layered cyber security strategy to ensure that the healthcare sector is well-prepared for the increased in threats it faces as a direct result of the pandemic.”