WIREDGOV NEWSLETTER ARCHIVE
Interruption of Health Service could prove ‘fatal’ |
The Department of Health & Social Care has released its progress report on improving cyber resilience in the wake of the 2017 WannaCry attack. The third progress report focuses on the key themes where the Department has made improvements to cyber resilience within the NHS: 1. Strengthening national leadership for cyber security Crucial to this progress is the Cyber Security Strategy for Health and Social Care due for publication in 2020 which will provide an overarching framework for cyber security in the NHS and social care 2. Addressing cyber security risks and vulnerabilities at local level by taking action at the centre NHS Trusts are now utilising Microsoft’s Advanced Threat Protection (ATP) to detect & protect against potential threats while the creation of the Cyber Security Operations Centre (CSOC) has provided a national view of the cyber threat across local health organisations. NHS Digital is working to maintain secure and up to date systems. Unsupported and unpatched systems were key risk factors in the WannaCry attack. Consequently, the NHS has ensured extended support for Trusts is in place till 2021, with all NHS organisations having agreed to migrate to Windows 10 no later than December 2020. ( How we're improving cyber security - NHS Digital ) 3. Understanding cyber security maturity in the NHS As part of the NHS’s efforts to increase its cyber maturity, it has created the Data Security and Protection Toolkit (DSPT). Consequently, large organisations which do not meet the ‘National Data Guardian’s 10 Data Security Standards’ must now submit an improvement plan to NHS Digital. Most organisations which had not met the standards now have a plan to achieve it. 4. Supporting local organisations to strengthen their leadership for cyber security and to address capacity and capability issues The Cyber Security Support Model (CSSM) provides a clear picture of the strengths & weaknesses with cyber at Trust level through on-site assessments and training for Board & Senior Information Risk Owners. Key individuals within an organisation now understand the importance & nature of cyber security and risk. All NHS organisations now have an Executive Director as a data security lead and cyber security risks are regularly reviewed by the board. NHS Digital also provides organisations with access to the Unified Cyber Risk Framework to help achieve compliance with this recommendation. A national cyber communications and awareness campaign, the ‘Keep I.T. Confidential’ campaign has also been created which aims to drive cultural change by educating all NHS staff on the direct impact of data and cyber security on patient care. 5. Applying cyber security standards across health and care system NHS Digital has worked with the NCSC to include the requirements of Cyber Essentials into the DSPT. Consequently, from 2020/21 NHS Trusts will be expected to meet the additional requirements in the DSPT which provide equivalence to the Cyber Essentials Plus (CE+). NHSX has also commissioned discovery reports into the technology enabled care sector and Adult Social Care sector which provided in-depth pictures of the cyber security risks and challenges these sectors face. NHS also has new regulatory levers to ensure Operators of Essential Services are taking adequate steps to protect their systems and report any cyber incident or network failure. 6. Continued investment in cyber security - Over £250m will be invested nationally to improve cyber security of the health and care system in 2021. |
Researched Links: |
techUK: Securing Cyber Resilience in Health & Social Care DHSC; Security comes at a price Let us hope that they act proactively this time Editor looks back at previous 'crystal ball' security items published in WGPlus |
|
More ‘nuisance’ than ‘diabolical sabotage’ |
Last week the Labour Party reported to the NCSC that it had suffered a distributed denial of service attack (DDoS) attack. An NCSC spokesperson yesterday said: “The NCSC has worked closely with political parties for several years on how to protect and defend against cyber attacks. We met the major parties last week ahead of the General Election. “In terms of this incident, the Labour Party followed the correct, agreed procedures and notified us swiftly. The NCSC is confident the party took the necessary steps to deal with the attack. The attack was not successful and the incident is now closed.” |
Researched Links: |
NCSC: Statement - Cyber incidents affecting political parties Guidance for local authority IT teams ahead of the forthcoming General Election on 12 December 2019 Guidance following recent DoS attacks in the run up to the 2019 General Election AXELOS: Cyber awareness learning – motivate & empower your employees Update on tackling intimidation in public life The NCSC defends nation against more than 600 cyber attacks EU to take action against fake news and foreign electoral interference EU Member States test their cybersecurity preparedness for fair and free 2019 EU elections The Russians are coming! The Russians are coming! (Allegedly) |
A logical way forward |
Last week’s launch of City Tools: London aims to pave the way for collaboration across the Boroughs and help innovators solve some of the biggest challenges the city. It was a week of exciting launches for local GovTech. On Monday they had the launch of the Mayor of London’s Civic Innovation Challenge and then the London Office of Technology & Innovation (LOTI) released City Tools: London report and interactive dashboard at Big Data LDN. The aim of City Tools: London, developed by Bloomberg Associates in partnership with LOTI and the GLA, is to enable possible collaborations between local authorities, identify opportunities for new entrants and innovators into the government technology market, and drive cost savings by coordinating contracts and leveraging boroughs’ collective bargaining power. City Tools: London interactive dashboard will become a real-time resource, hosted and maintained by LOTI and the benefits they are expecting are:
|
Researched Links: |
techUK: Driving improved collaboration & innovation across London boroughs techUK: Tackling London's biggest issues using tech & innovation |
Editor’s choice of other Health, Social care & Homelessness related items of note: |
ScotGov: Strengthening the hospital workforce WAG: Major expansion in training places for nurses and other health professionals Unite: Frimley NHS trust staff strike for 2 days over hived-off ‘tax avoiding’ company |
SME Supplier Locator update... | ||
UK Government and public sector spend with SME’s is continually on the increase and by 2020, it is the stated intent of Cabinet Office that £1 of every £3 spent on government contracts goes to SME’s. Against this ambitious backdrop, the WiredGov Supplier Locator service has been developed specifically to embrace the SME Agenda and provide the ideal platform for SME’s to promote their services, solutions, accreditation and success stories directly to our ever increasing audience across all government and public sector verticals and Tier 1 suppliers.
|
For those who are flooded it is always ‘Too little, too late’ |
Update on current flooding situation and how the government is responding. The Environment Agency, emergency responders & local authorities are helping to protect people and properties following the flooding in:
River levels in the River Don around Doncaster remain high and flood warnings, meaning there is still a risk of flooding, remain in place. Approximately 14,400 properties have been protected by flood defences, including nearly 5,000 properties in South Yorkshire. Sadly, over 800 properties have been affected by floods and people have been evacuated from properties in Bentley and Fishlake in Doncaster. What you need to do Communities are urged to continue to:
How we are responding Over 300 EA staff are working 24/7 around the country. Our incident rooms are open and we are working with the military to put up temporary flood barriers and move sandbags to areas across South Yorkshire and Lincolnshire. We have also deployed 39 pumps across 5 locations to pump away water as soon as water levels allow. In Fishlake, 5 ultra-high volume pumps are fully operational and pumping out 16 cubic metres of water per second. Environment Agency teams have now deployed more than 2,200 sandbags in affected areas. Cross-government support – announcements Under the Flood Recovery Framework, the Government will provide funding to support the recovery efforts of local councils where households and businesses have been affected by the severe weather. The MHCLG will provide a Community Recovery Grant to local councils – equivalent to £500 per eligible household - to help communities with their immediate recovery, while the BEIS will provide funding for a Business Recovery Grant. This will provide up to £2,500 per eligible SMEs which has suffered severe impacts from the floods that cannot be recovered from insurance. Sign up for flood warnings and latest flood updates |
Researched Links: |
Check for flood warnings and find out if you are at risk of flooding Follow @EnvAgency on Twitter for the latest flood updates 10DS: Government announces further support for those affected by flooding Defra: Government announces support for flood-hit farmers MHCLG: Government announces business rates & council tax relief following severe flooding MHCLG: Government activates Bellwin scheme to support local communities hit by flooding MoD: 200 UK troops deploy to support flood relief Hundreds of EA staff work to reduce flood risk EA helping to keep communities safe from flooding EA warns flood hit communities to remain vigilant as more rain expected EA: Pumping operation continues to reduce flood water levels in Fishlake EA warns communities to remain vigilant to the risk of weekend flooding ScotGov: Flooding action plan launched ScotGov: Living with flooding - action plan New long term plan for managing flood and coastal erosion in Wales Sustainable drainage compulsory from next year Surrey CC Deploy Cloud Emergency Management Platform: Latest Case Study |
Fine in theory, but…. |
The Housing Secretary Robert Jenrick MP told the Housing, Communities & Local Government select committee last week that he is ‘not in favour’ of rent controls. Giving evidence to the select committee on the topic of possession reform, Mr Jenrick said: “I am not in favour of rent controls. As I said, that has proven to be very negative for both landlords and tenants in the past, and I do not want to see any move in that direction.” The topic of rent controls arose, because it was included in the Government’s recent consultation on reforming the possession process, in which concerns were raised about rent levels if Section 21 powers were abolished. Last month, RLA research on existing research on rent controls revealed the harm they can cause. The research found that when rent controls were introduced in Berlin, rents shot up by 10%. Previous pre-control rises had been just 1%-2%. While in in San Francisco, the number of homes to rent fell by 15% when rent controls were introduced. Responding to the Housing Secretary’s comments, RLA policy director David Smith told The Telegraph: “We welcome the housing secretary’s recognition that rent controls are ultimately bad for tenants. All the evidence from around the world where they have been introduced shows that they reduce supply and drive up cost, making the situation for tenants worse.” However, Labour’s position on rent controls is different, with the Mayor of London Sadiq Khan continuing to call for the power to introduce rent controls in the capital. |
Researched Links: |
RLA: Rent Controls: Housing Secretary “not in favour of them” RLA: New data shows folly of London rent controls RLA: Welsh Government to trial leasing scheme for private landlords RLA: Think tank wants rent controls and lifelong tenancies |
- General News, Charities & Third Sector
- Health, Social Care and Homelessness
- National & Devolved Policy Statements & Initiatives, Legislation / Legal
- Consultations
- Reports and Other Publications not listed in other sections
- EU Legislation, Initiatives, etc.
- ICT and Data Management / Security
- Business and Other Briefings / News – (Government Funding Opportunities)
- Forthcoming Events