Bridgeway Insights

More investment is needed in cyber security technologies, but don't forget about the users

More investment is needed in cyber security technologies, but don't forget about the users

Posted by Lisa Higgins 11 July 2019

Lord Darzi made a call this week for the NHS to make drastic improvements in cyber security.

A new report presented to the House of Lords says fresh investment is “urgently needed” to defend against threats that could put patient safety at risk.


Led by Lord Darzi, the white paper, written by researchers from Imperial College London’s Institute of Global Health Innovation, recommends hiring more cyber security professionals into IT teams, building “fire-breaks” into networks that allow staff to cut off and isolate certain systems if they become infected with malware, and having clear lines of communication for receiving advice on cyber security matters.

According to the paper also highlights "healthcare technologies that could pose a serious threat to patients if not made secure by design, such as robotics, artificial intelligence and implantable medical devices."

New call-to-action

Lord Darzi, co-director of the Institute of Global Health Innovation (IGHI), said: “This report highlights weaknesses that compromise patient safety and the integrity of health systems, so we are calling for greater investment in research to learn how we can better mitigate against the looming threats of cyber-attacks.”

Dr Saira Ghafur, lead author of the report, said that while awareness of cyber-security had improved in recent years, it was important to continue building in new means of counteracting fresh attacks as technologies progressed.

“Since the WannaCry attack in 2017, awareness of cyber-attack risk has significantly increased,” said Dr Ghadur.

“However, we still need further initiatives and awareness, and improved cyber security ‘hygiene’ to counteract the clear and present danger these incidents represent.

Bridgeway's Managing Director Jason Holloway says it's great to see progress being made, but "there's still a long way to go to adapt to the modern ways of working, growth of data and repositories, new information flows and the evolving needs of modern users."

Bridgeway's Technical Director Paul Jacka adds that while fresh investment in cyber security is undertaken, it is imperative to "strike a balance between security and accessibility to keep users happy and productive."

We are pleased to see that already more than 100 NHS boards have completed GCHQ-accredited cyber security training, two years after WannaCry.

At the forefront of this investment in cyber security training, at Bridgeway we are seeing the impact that educating the users directly is having on several NHS Trusts. Our cyber security awareness training courses aim to address this very issue, educating the end-users who we believe are an organisation's last line of defence.

Following one of our cyber security awareness training courses one NHS customer said: "Our objective was to educate our users on the dangers of ransomware and we achieved this."

Another said: "I've realised that we all need to take cyber security seriously and I can see now that there are lots of things one can do to reduce risk."

cyber security training offer