NHS England is looking to enhance cyber risk visibility, assurance, and resilience in the NHS supply chain with a £4.3 million contract.
NHSE has issued an invitation to tender for a supplier to help develop a national supplier management platform to track cyber security risks. The selected provider must have significant experience in shaping cyber functions and capabilities and identifying and assuring suppliers.
The three-year contract, with an option to extend by 12 months, aims to address increasing cyber threats posed by vulnerabilities in suppliers’ systems. Following a recent cyber attack on a pathology system supplier, NHSE is prioritizing the management of systemic and aggregate cyber supply chain risks.
This initiative is part of NHSE’s £200 million cyber improvement programme, which aims to deliver strategic outcomes by 2025. Mark Edwards, chief information security officer at Digital Health and Care Wales, warns of potential increased cyber attacks on critical national infrastructure due to global conflict.
In a separate incident, NHS Dumfries and Galloway has cautioned nearly 150,000 patients to assume that their personal data may have been stolen and compromised in a cyber attack. NHSE is committed to bolstering cyber resilience in the NHS supply chain to better respond to such threats.
