Login to your account

Username *
Password *
Remember Me

Create an account

Fields marked with an asterisk (*) are required.
Name *
Username *
Password *
Verify password *
Email *
Verify email *
Captcha *
Reload Captcha

NHS Employs Supplier Security Audits to Improve Cyber Security

Written by  Feb 04, 2020

NHS Shared Business Services and its cloud partner Virtualstock have enlisted cyber threat intelligence and risk assessment specialist Orpheus Cyber.

They will add integrated security audits to the Edge4Health procurement platform and improve supply chain security for the health service.

Launched in January 2020 with a staged roll-out to a few NHS trusts, Edge4Health is billed as a consumer-style digital procurement hub designed to cut costs, improve visibility and data management, and ensure greater compliance in the NHS. It can be used to buy over a million products and services – not limited to IT – and is understood to have transacted over £8m of spend to date.

The feature enables NHS suppliers to check and improve their security using a dial indicating whether their rating is good, average or bad. Clicking on it will allow suppliers to download a report providing information on the various threats and vulnerabilities they are subject to, and how to mitigate them, hopefully improving their own security and that of their customers.

 privacy for seniorsAlso see: Top Tips to Increase Your Online Privacy

“With £9bn of annual spend, the NHS has some of the longest and most complex supply chains in the world. Ensuring the security and integrity of these supply chains is a priority for NHS organisations, the government and suppliers,” said NHS SBS procurement director, Phil Davies.

“Enabling suppliers to swiftly check on their current cyber security status is an important step forward in mitigating the threat posed.”

Information will also be made available to NHS organisations buying through the platform, through a buying community cyber risk rating, to help decision-makers take better account of security considerations when buying services.

Oliver Church, CEO of Orpheus Cyber – other customers of which include the Department for Work and Pensions (DWP), mobile operator O2 and accountancy firm Smith & Williamson – said cyber criminals were increasingly targeting supply chains as a weak link to compromise their ultimate targets, in this case NHS organisations with access to confidential data.

“We frequently see significant damage to customers when suppliers, disabled by cyber attacks, are no longer able to provide vital goods and services – which is potentially very serious when dealing with patient health” Oliver Church, Orpheus Cyber.

“Attacks are becoming increasingly complex, tending to focus not just on stealing data but on permanently deleting or encrypting it. Furthermore, we frequently see significant damage to customers when suppliers, disabled by cyber attacks, are no longer able to provide vital goods and services – which is potentially very serious when dealing with patient health,” said Church.

“Because private data is often distributed through supply chains, a breach of a supplier can easily leak sensitive information, a major concern when dealing with the privacy of patient personal data. Legislation such as the GDPR [General Data Protection Regulation] provides for heavy fines if private data is breached due to poor cyber security.”

nhs digital logoAlso see: NHS Moves Two Major Systems to The Cloud

In November 2019, Orpheus Cyber published a whitepaper looking specifically at the security arrangements of NHS suppliers. It suggested that NHS trusts themselves were increasingly at risk of supply chain attacks because so many of them have spent lavishly on their own security since the 2017 WannaCry disaster, meaning bad actors now have to look for another way in.

Leave a comment

Make sure you enter all the required information, indicated by an asterisk (*). HTML code is not allowed.


Popular Cyber News

Jan 30, 2020 Cyber Security

UK Cyber Security is Booming

The UK’s cyber security industry is currently enoying a three-year boom, with the number of active security firms in t...

Jan 30, 2020 Cyber Security

Phishing A Major Factor in UK Cybercrime

Of all reported incidents in 2019, almost half were related to phishing attacks. ...

Mar 05, 2020 Cyber Security

Tesco and Boots Loyalty Card Schemes Affected by Security Issues

UK retailers Tesco and Boots are dealing with the after affects of cyber security issues that may have affected thousand...

Feb 08, 2020 Cyber Security

Millions of UK Businesses don't have a Cyber Insurance Policy

According to a survey conducted by Insurance firm Gallagher, millions of businesses operating in the UK don't have basic...

Feb 13, 2020 Cyber Threats

Steps To Combat Insider Threats

Your organisation are generally well prepared for threats from outside the company. But are you ready to address threats...

Feb 10, 2020 Cyber Security

The Cyber Security Fight Won't Stop

The controversy over the decision to allow Huawei technology to be used in the UK’s 5G networks is a very high-profile...

Feb 07, 2020 Cyber Threats

British Police Warn: Cleaners Are A Cyber Threat

British police have reportedly warned of a cyber threat posed by a not often thought about data stealer, namely the use ...

Feb 29, 2020 Cyber Security

Wi-Fi of More Than a Billion Devices Can Be Exposed

A billion-plus computers, phones, and other devices are said to suffer a chip-level security vulnerability that can be e...

Feb 04, 2020 Cyber Security

NHS Employs Supplier Security Audits to Improve Cyber Security

NHS Shared Business Services and its cloud partner Virtualstock have enlisted cyber threat intelligence and risk assessm...

Feb 25, 2020 Cyber Security

The Top Cyber Security Companies in the UK

Investing in the right cyber security for your company is more important than ever, but which are the top UK cyber secur...

Feb 28, 2020 Cyber Threats

UK Prepares ‘National Cyber Force’ To Tackle Terrorists and Other Threats

The UK is preparing the official launch of a specialist cyber force that will target terror groups and hostile nation st...

Feb 19, 2020 Cyber Security

Cybersecurity Jobs Are Not Going To Be Filled

CISOs around the world expect a serious lack of global cybersecurity talent which will worsen in the next five years, ac...

Feb 28, 2020 Cyber Threats

DVLA Say Cyber Criminals are Targeting UK Motorists

The Driver and Vehicle Licensing Agency (DVLA) has warned that cyber criminals and scammers are targeting unsuspecting d...

May 22, 2020 Cyber Security

EasyJet will be sued over customer data breach

Legal firm PGMBM, a specialist in group legal action, has issued a class action claim under Article 82 of the General Da...

Mar 23, 2020 Cyber Security

Thousands of Netflix and Other Streamers Accounts are Being Stolen

With a massive surge in home use of video and music streaming services such as Amazon Prime Video, Apple Music, Netflix ...

Mar 27, 2020 Cyber Security

Hospitals worldwide offered free security software

As cyberattacks against hospitals surge during the coronavirus crisis, technology companies are stepping up to alleviate...

Symantec Home 120x60