Staff across the NHS are aware of their roles in protecting our health service from cyber threats. However, a BT survey reveals that only a small number feel current security measures are enough.
BT, which partners with over 200 NHS trusts nationwide, surveyed both NHS workers and the public. The results highlight a significant public concern about cyber threats, especially after recent high-profile attacks. Around 60% of the public worry that critical systems could fail, while 56% fear for their private medical data in the hands of hackers.
Among NHS staff, there’s a clear understanding of responsibilities, yet only 36% believe the service can adequately defend itself. Just 42% express confidence in the current systems to protect sensitive information. Additionally, 64% view the existing systems as outdated, making data access difficult, and 60% indicate they don’t receive regular security training.
Natasha Phillips, former chief digital nurse for NHS England and a current member of the BT Clinical Advisory Board, emphasizes that cyber security is not just about securing data but also about protecting lives. Nurses need quick access to secure systems to provide effective patient care. She stresses the importance of ensuring clinicians are equipped with the right training and tools to navigate the digital landscape safely.
Sultan Mahmud, a director at BT, points out that while the NHS is focused on saving lives, it struggles to keep pace with rapidly evolving cyber threats. Each day, BT identifies about 200 million potential cyber attack signals across various sectors. With the NHS being the UK’s largest employer, empowering its workforce against these threats is crucial. Despite a strong awareness of cyber risks, many NHS staff feel unprepared, and frustrations with outdated systems are impacting care and training.
Mahmud, with extensive NHS experience, recognizes the urgency of addressing cyber challenges, highlighting the need for collaboration between healthcare, policy, and business to foster meaningful change. A cyber-resilient NHS will better serve everyone.
BT’s report also reveals issues with legacy tech systems that lack modern security features, complicating care delivery. Survey respondents noted that patient data is often isolated, diminishing their ability to provide safe and efficient healthcare.
While there have been slight increases in training on new technologies, overall, security training on both new and existing systems has dropped by almost 10%, especially among frontline staff. This suggests that training is treated as a one-time event rather than an ongoing process, adding to cyber risks for the NHS.
Public sentiment aligns with the need for enhanced cyber defenses, as over half of those surveyed prioritize training NHS staff on new technologies. There’s a growing agreement that equipping staff with security knowledge is critical for improving healthcare delivery.
The data comes from a September 2024 survey of NHS staff and a July 2024 YouGov poll of 2,159 adults, revealing a snapshot of opinions on NHS cyber security.