Skip to main content

Government wants new NHS cyber security chief

Published on: 18 Nov 2022

Government is looking to hire a new cyber security chief for the NHS and Department of Health and Social Care, at a time of heightened risk of cyber attacks against the health service. 

The DHSC last month issued a job advert for a “national chief information security officer”, who will sit within the digital policy unit of NHS England’s transformation directorate.

It comes at a time when the risk of cyber attacks against the NHS is increasing. Earlier this summer, an attack on an NHS electronic patient record supplier impacted several providers, including a dozen mental health trusts, with some trusts still not having recovered their service fully.

Meanwhile, in February, NHSE wrote to trusts to tell them to strengthen their cyber defences in the wake of Russia’s invasion of Ukraine

According to the DHSC’s advert, the post holder will provide “strategic leadership, direction and specialist expertise on cyber security” for the DHSC, its arm’s-length bodies and local NHS and adult social care organisations.

This also includes being the DHSC and NHSE’s strategic and most senior specialist adviser for cyber risk, and leading the delivery of a three-year strategy for cyber security.

They will also lead as “incident director” for DHSC in the event of a “major cyber incident” and report to ministers and COBRA where needed.

The role is currently being filled on an interim basis by Phil Huggins. The advertised salary is £150,000.

HSJ revealed last week that at least half of integrated care systems do not have system-wide cyber security plans in place, ahead of a 2025 deadline imposed by NHSE.