England’s NHS demands supplier cyber commitments in open letter
The UK’s Department of Health and Social Care and NHS England are calling on all current and prospective NHS suppliers to commit to stronger cybersecurity practices by signing a new voluntary Cyber Security Charter. The move comes amid a sharp increase in ransomware attacks targeting the healthcare supply chain.
Wade Ellery, Field CTO at Radiant Logic, had this to say:
“Healthcare is doubly vulnerable because of its deep reliance on legacy identity infrastructure and vendor sprawl and the literal life and death impact of such an attack. Many providers operate with decades-old IAM systems, scattered data sources, and minimal visibility into who has access to what—and why. Identity observability offers a path forward: unifying and monitoring all identity and access data in real time, so threats like ransomware don’t go undetected until it’s too late.”
I’ve been saying for a long time that because health care is low-hanging fruit for threat actors, more must be done in that sector to make it less attractive to threat actors. This qualifies as more in my books. And I would love to see this copied elsewhere, as this will make a difference.
May 19, 2025 at 12:08 pm
[…] UK has been starting to focus more on upping their cybersecurity game. This is an example of what I mean. But this breach shows that they have much more work to do on that […]
May 20, 2025 at 8:29 am
[…] You’re only secure as those you work with. Thus you need to make sure that those you work with are as secure as possible. Just like the NHS in the UK has started to demand from those they work with. […]
May 29, 2025 at 1:27 pm
[…] Other than the fact that they should consider holding third parties accountable for their security like the NHS recently did. Because it should be crystal clear by now that you’re only as secure as the companies that […]