PublicTechnology

NHS Scotland buys £3m AI-powered anti-ransomware system

Sam Trendall November 3, 2025 in Cyber Security Hub, News - 2 Minutes
Credit: Pete Linforth/Pixabay
The health service has acquired new technology that it claims could have helped mitigate a significant incident in 2024 which affected the personal data of tens of thousands of Scots

Following a major cyber incursion last year, NHS Scotland has invested upwards of £3m in technology that uses artificial intelligence technology to defend against ransomware attacks.

On 31 October, the health service body entered into a contract with IT reseller giant Computacenter – which will supply software from specialist outfit Halcyon. The deal, of unspecified length, is valued at £3.1m, inclusive of VAT.


A newly published commercial notice reveals that the new AI-powered tool will sit alongside “a range of cybersecurity tools across [the 14] NHS boards” throughout Scotland. These technologies have been put in place by the NHS’s Cyber Centre of Excellence and currently “work together to reduce the risk and impact of cyberattacks”.

“While this approach has been successful and adds value, the residual risk is still high due to the nature of ransomware attacks,” the notice adds. “Existing tools by their nature remediate reactively once they detect an attack to contain it, and the risk of data being stolen prior to its encryption is now equal to – if not greater than – the encryption of the data itself.”

These risks were evidenced last year by a major cyberattack affecting the NHS Dumfries and Galloway. Following the incident all 150,000 citizens  of the region served by the health board were told to assume some of their data is likely to have been leaked following, and encouraged to look out for potential extortion attempts.

The notice says: “[The] Halcyon anti-ransomware platform is a specialised, AI-driven cybersecurity stool that defends against advanced ransomware attacks and unauthorised access, while complementing our existing security measures. A lightweight solution, it requires minimal resources to deploy and run on existing devices, making it ideal for preventing attacks like that experienced by NHS Dumfries and Galloway in 2024, and would significantly strengthen our defence-in-depth suite of tools.”

According to Halcyon’s website, the company’s technology is differentiated from that of other IT security vendors as “most solutions are made for a wide range of threats… [but] we are purpose-built to focus exclusively on detecting and disrupting ransomware before damage occurs”.

Related Posts

Government ‘considering physical alternatives’ for those unable access digital ID
November 5, 2025
GOV.UK App taps into A/B testing
November 5, 2025
Only one in 10 believes the civil service is innovative, survey finds
November 5, 2025

Sam Trendall

Learn More →