NHS trusts failing meet Cyber Essentials Plus standards

cyber essentials scheme summary

Civil servants have revealed that EVERY NHS trust that has been assessed for cyber security vulnerabilities failed to meet the required standard: all 200 failed to meet the Cyber Essentials Plus standard needed.

This information was revealed during a Parliamentary hearing to discuss the WannaCry ransomware attack from May last year which had a crippling effect on the NHS. The attack infected nearly a third of NHS trusts in England and hundreds of GP surgeries, resulting in the cancellation of at least 6,900 NHS appointments. Despite an increase in security provisions it appears that the NHS may not be in a better position nearly a year later to combat a similar attack.

Our Cyber Essentials Scheme Summary states:

“Cyber Essentials Plus offers a higher level of assurance through the external testing of the organisation’s cyber security approach.”

The NHS Trusts are not yet at the point where their cyber security is robust enough to gain the Plus and NHS Digital Deputy Chief Executive Rob Shaw was quoted as saying that some NHS trusts still have a “considerable amount” of work to do to get themselves better prepared.

You can read more about the situation in the article below:

Every NHS trust tested for cybersecurity has failed, officials admit

Assessments after WannaCry attack reveal vulnerabilities across whole of health system Every NHS trust assessed for cyber security vulnerabilities has failed to meet the standard required, civil servants have said for the first time. In a parliamentary hearing on the WannaCry attack which disrupted parts of the NHS last year, Department of Health (DoH) officials said all 200 trusts had failed, despite increases in security provision.

The National Audit Office (NAO) made clear that NHS trusts had failed to act on critical alerts and warnings in 2014 to patch and upgrade older software. The WannaCry attack influenced Microsoft to release new security updates for older versions of Windows such as XP. The NHS was criticised during the fallout after WannaCry for the widespread use of outdated software such as Windows Vista.


Cyber Essentials

Cyber Essentials certification will protect your organisation from 80% of common cyber threats. It is also a mandatory requirement for organisations wishing to win business with the MOD, and can help your organisation prepare and defend itself against malicious cyber attacks, regardless of the sector you operate in.

Download our free Cyber Essentials Scheme Summary and sample of the Self-Assessment Questionnaire to learn more about what you will be required to complete to become Cyber Essentials certified.

Click here to get started with Cyber Essentials.


Who are we?

From publishing the first national directory of public sector contracts, to being the first to market with our online Tracker solution, we have been the true pioneers of technology and innovation in the public sector marketplace. Throughout our 39 years, we have continued to evolve and chart new territory – placing our customers at the heart of everything we do. Take your business to the next level with Tracker now.

If you request a demo today!

Download your Free UK Defence Industry Report

Get SAAS-Y This Summer with DCI

Start Your Free Trial Today

Download your Free UK Defence Industry Report

Download your Free UK Defence Industry Report

When you sign up for a 3 day free trial or demo.

Limited time only

    BiP Solutions owns DCI and we look after your details carefully. We offer a range of products, services and events (some of which are free) that help buyers tender more efficiently and suppliers find, bid for and win public and private sector contracts. Only tick this box if you wish to receive information about these. We will never share your details with third parties and you will have the opportunity of opting out of communications every time we contact you. For further details, please see our Privacy Policy