Naq, the UK and Netherlands-based cyber security company, has secured £5.1 million in Series A funding, as part of its aim to help health tech companies meet cyber security standards across the NHS and healthcare.
According to Naq, the investment will be used to support the product development of its compliance platform, aiming to allow for more AI capabilities and additional standards to be included, which the organisation notes are essential “amid rising cyber threats and regulatory delays”. Through this, Naq aims to continue its mission in offering a single platform for digital health technology companies to meet the various cyber security, privacy and clinical safety requirements within the NHS, including Cyber Essentials, Data Security and Protection Toolkit (DSPT) and NHS Digital Technology Assessment Criteria (DTAC).
Naq is currently being used for “more than 150 vital health technologies that serve the NHS”, with plans to expand their offering across the UK and Europe. “As the NHS shifts from analogue to digital, protecting patient data and systems is vital,” Nadia Kadhim, co-founder and CEO of Naq, explained. “With this funding our technology will help even more NHS suppliers to meet security standards without complexity or the excessive cost of consultancy offerings, saving innovators more than 180,000 hours or £20,000 per compliance standard.”
The funding was covered entirely by the private company, Automate Health, who have given Naq access to their health tech Saas operating best practices as well as their “long-term capital base and advisor network, including industry veterans Dan Taylor and Pam Garside”.
Wider trend: Cyber security updates across health and care
One of our HTN Now panel discussions explored the different approaches to cyber security and how to overcome the main challenges involved with making healthcare organisations more secure. As part of the discussion, we were joined by Keltie Jamieson, the CIO at Bermuda Hospitals Board, Nasser Arif, cyber security manager at London Northwest Healthcare NHS Trust and Hillingdon Hospitals NHS Foundation Trust and Ryan Pullen, director of Stripe OLT Consulting.
Recent guidance from NHS England has outlined ways non-executive directors can contribute to keeping their organisations safe from cyber attacks. The aim is to provide a resource that supports how to understand and deal with cyber security risks, while also knowing how external assessments provide insights. It covers what questions to ask yourself and the board and the questions the board should be asking, with Jamie Saunders, non-executive chair of the NHS England Cyber Security Risk Committee, noting, “boards throughout the NHS have a key role to play in safeguarding patients from this risk.”
In August, the National Cyber Security Centre shared four updates to the Cyber Assessment Framework, covering attacker methods and motivations, software maintenance, improved detection of cyber threats and improved coverage of AI-related cyber risks. These changes are necessary in order to “close the widening gap between the escalated cyber threats to critical services, and our collective ability to defend against them”, the NCSC said.
