The National Cyber Security Centre (NCSC) continues to call upon organisations in the UK to strengthen their online defences in the wake of the Russia -Ukraine war.
The NCSC – which is a part of GCHQ – has urged organisations to follow its guidance on steps to take when the cyber threat is heightened.
While the NCSC is not aware of any current specific threats to UK organisations in relation to events in and around Ukraine, there has been a historical pattern of cyber attacks on Ukraine with international consequences, it says.
The guidance encourages organisations to follow actionable steps that reduce the risk of falling victim to an attack.
Advice for care providers
In addition, NHS Transformation Directorate (formerly NHSX) and Digital Social Care recommend that all care providers follow this advice:
- Ensure you have completed or are working towards your Data Security and Protection Toolkit submission. If you have already completed it but have changed your IT systems or developed new services, revisit and use the toolkit to ensure you have thought through the implications of any changes
- Notify your IT team or the person responsible for IT, this should also include suppliers of any IT systems that you use such as digital care plans. Make sure they are keeping up to speed with emerging cyber threats, such as Russia/Ukraine and the Log4J vulnerability, and taking appropriate actions to protect the systems you use. For ease, you can send them this information and the NCSC has issued the guidance for all UK organisations
- Create or update your data and cyber security Business Continuity Plan. You can use a template and guidance produced by Digital Social Care
- Ensure that you are following correct procedures for conducting back-ups. See Digital Social Care guidance – Back Up Your Data
- Consider purchasing cyber insurance
- Report any cyber incidents. Contact the National Cyber Security Centre via gov.uk
Free cyber support
Any care provider in England can access free cyber security support from the Better Security, Better Care programme, including implementing any of the advice above. In the first instance, you should contact your Local Support Organisation. Details are available here.
Further Information
How the Data Security and Protection Toolkit can improve care, alternatively, find it in the QCS Resource Centre
National Cyber Security Centre
Elevated cyber threat following Russian invasion of Ukraine: Important advice for all care providers
This message advises on how care providers can protect themselves against the elevated cyber threat from the Russian invasion of Ukraine, and highlights the available Better Security, Better Care support you can access for free to help towards greater cyber resilience.
You will be aware of the ongoing Russian invasion of Ukraine. Cyber attacks, which may have international consequences, are being deployed as part of this. While the National Cyber Security Centre (NCSC) is not aware of any current specific threats to UK organisations in relation to events in and around Ukraine, there has been a historical pattern of cyber attacks on Ukraine with international consequences.
NHS Transformation Directorate (formerly NHSX) and Digital Social Care recommend that all care providers follow this advice:
- Ensure you have completed or are working towards your Data Security and Protection Toolkit submission. If you have already completed it but have changed your IT systems or developed new services, revisit and use the toolkit to ensure you’ve thought through the implications of any changes
- Notify your IT team or the person responsible for IT, this should also include suppliers of any IT systems that you use such as digital care plans. Make sure they are keeping up to speed with emerging cyber threats, such as Russia/Ukraine and the Log4J vulnerability, and taking appropriate actions to protect the systems you use. For ease, you can send them this information and the NCSC has issued the guidance for all UK organisations
- Create or update your data and cyber security Business Continuity Plan. You can use a template and guidance produced by Digital Social Care
- Ensure that you are following correct procedures for conducting back-ups. See Digital Social Care guidance – Back Up Your Data
- Consider purchasing cyber insurance
- Report any cyber incidents. Contact the National Cyber Security Centre via ncsc.gov.uk
Any care provider in England can access free cyber security support from the Better Security, Better Care programme, including implementing any of the advice above. In the first instance, you should contact your Local Support Organisation. Details are available here.
We will be keeping up to speed with developments, so we recommend that you follow us on Twitter for updates.
You can also find some tops tips to complete the DSPT below
Download Now