Let’s be honest and admit when it comes to data security reputation, the NHS has a steep hill to climb…
Let there be no doubt that the 2017 WannaCry ransomware attack was a catalyst for the NHS to do better – better with cybersecurity strategy, and better with getting the ‘taking cyber seriously’ message across to everyone from staff at all levels to the general public itself. But the contention it needs to do better may seem a little harsh, given that when writing Digital Health’s recent cybersecurity special report, I made it very clear that the official post-WannaCry NHS review by NHS England chief information officer Will Smart found only one percent of NHS activity was directly impacted by the ransomware attack, and that the NHS not directly targeted.
That word ‘impact’ is key though – with 80 of 236 hospital trusts actually affected, not to mention 595 of 7,545 GP practices. Ask pretty much any member of the public about how badly the NHS was hit by WannaCry collateral damage, and the answer is likely to be “very badly indeed”.