Vendor chosen by NHS Digital for contract including malware analysis and pilots of emerging technologies

Credit: Adobe Stock

NHS Digital has signed a £30m three-year contract with IBM to boost the cybersecurity credentials of the health service.

The deal will see NHS Digital increase the number and sophistication of services offered from its existing Cyber Security Operations Centre (CSOC), which monitors the nationwide Health and Social Care Network infrastructure. 

New services that will be offered via the CSOC under the terms of the deal include malware analysis and vulnerability scanning. Health and social care organisations will also now have access to IBM’s X-Force threat-intelligence service, which offers guidance on how to defend and mitigate against security risks.

The contract also covers an “innovation service” which aims to enable NHS Digital to get quicker access to new technologies and services to help combat emerging threats. IBM and NHS Digital will also work together on a range of pilot schemes of new security technologies with the goal of finding products that could be implemented throughout the NHS.  

Related content

• Every Welsh NHS entity to get cybersecurity review as part of £5.5m digital health investment
• Has the NHS sacrificed cybersecurity for convenience?
• NCSC’s Dr Ian Levy on why the UK must ‘turn cybersecurity into a science’

Dan Taylor, programme director, Data Security Centre at NHS Digital, said: “This partnership will enhance our existing Cyber Security Operations Centre which is delivered from NHS Digital’s Data Security Centre. It will give us, during times of increased need, the ability to draw on a pool of dedicated professionals from IBM.”

He added: “This partnership will allow us to share knowledge and skills from the information security industry, whilst continuing to develop our internal expertise and supporting health and care organisations to build their own cyber resilience. This partnership will strengthen how we help to keep patient information and services safe and secure, enabling NHS staff and patients to have confidence in the security of our system.”

NHS Digital first issued a contract notice for “a strategic partner to support the development and delivery of a security operations centre” in November 2017. The original expected value of the deal was £20m, but this was raised to £30m in an updated notice published in February 2018.

Rob Sedman, director of security, IBM UK and Ireland said: “IBM is excited to partner with NHS Digital and bring enhanced detection and incident response co-ordination capabilities to its Data Security Centre.”