Cybersecurity in the NHS: Beyond the Ransomware Headlines

By Leigh Jolly, Change and Information Security Lead at Konica Minolta Business Solutions (UK) Ltd

October marks Cybersecurity Awareness Month - a timely reminder for NHS Trusts to re-evaluate their cyber resilience strategies. With the National Audit Office warning in January 2025 that cyber threats to UK government systems are “severe and advancing quickly,” the NHS remains a high-value target. Recent attacks such as the Synnovis ransomware breach last year, which affected over 10,000 appointments at King’s College Hospital and Guy’s & St Thomas’ amongst others, and the NHS Scotland cyberattack and subsequent outage this year that disrupted clinical systems, underline the urgency. 

Yet ransomware is only part of the picture. NHS IT managers must consider the broader cybersecurity framework known as the CIA Triad: Confidentiality, Integrity, and Availability. In general terms, Confidentiality ensures that sensitive information is accessible only to authorised users, Integrity guarantees that data remains accurate and unaltered, and Availability ensures reliable access to resources when needed. These three pillars are essential to safeguarding patient data, ensuring accurate clinical records, and maintaining uninterrupted access to vital systems. 

The NHS’s newly launched Cybersecurity Charter, supported by an open letter to suppliers from NHS England and the Department of Health and Social Care, reinforces this approach. It calls for stronger supplier accountability, including 24/7 monitoring, Multi-Factor Authentication, and immutable backups. This is especially critical given the NHS’s complex supply chain, where vulnerabilities in third-party services - such as laboratory systems or mobile device management platforms - can escalate into frontline care disruptions. 

One often-overlooked threat vector for the NHS is printer security. Multifunctional devices may seem benign, but outdated firmware, unsecured network access, and even sensitive printed documents left uncollected can all compromise confidentiality. As a trusted technology partner to the NHS, we always urge Trusts to treat print infrastructure as part of their broader cybersecurity defence. Secure print solutions must be designed with CIA principles in mind - ensuring data and confidentiality are protected, systems are resilient, data accuracy and trustworthiness are assured, and access is controlled but securely available when required. 

Cyber resilience today also requires more than asset protection. NHS IT leaders must ask the right questions when assessing not only their own security, but that of trusted suppliers. Are suppliers continuously assessed for risk, not just at onboarding? Is there a robust incident response plan across the supply chain? And are suppliers’ technical and organisational security controls adequate for processing NHS data?

The right suppliers will always support NHS organisations in navigating these challenges. This includes demonstrating business resilience through business continuity, disaster recovery, and cyber incident response planning, all of which match the security needs of the NHS Trusts they support.

As cyber threats escalate and evolve, NHS Trusts must take a proactive and comprehensive approach to cybersecurity - one that goes beyond ransomware and addresses broader risks. Embedding CIA principles, securing overlooked assets, and demanding supplier accountability are key to protecting care delivery. Cyber resilience isn’t optional; it’s a strategic necessity for safe, uninterrupted, and trusted healthcare.