Skip to main content

Cyber security strategy for health and adult social care to 2030

Find out about the joint NHS England and Department of Health and Social Care (DHSC) cyber security strategy for health and adult social care to 2030.

Page contents

About the strategy

The cyber security strategy for health and adult social care sets out an approach to ensure continued services across an increasingly digitised sector, to protect valuable personal data, and to build patient and service user trust.

Recognising some of the most important challenges – both in the threats space, and in meeting the needs of the large, complex and autonomous sector – the strategy is a unified approach to further cyber resilience and make people safer.

While the strategy extends to 2030, it also sets out our specific commitments to achieve by 2025, including an implementation plan we will provide, which will set out activity and funding for the next 2 years.

Objectives
  • reduced risk of attack
  • better protected data
  • quicker response and recovery
  • increased trust

A joint approach to building cyber resilience

Strategy partners include
  • national and regional teams
  • integrated care systems
  • health and social care leaders
  • cyber workforce
  • third party suppliers
  • all employees

5 pillars of our strategy

The strategy sets out 5 complementary pillars for a joint approach to building cyber resilience, uniting health and adult social care in our focus to 2030. 

Focus on greatest risks and harms
Focus on greatest risks and harms

Understand risks

Increased visibility

Proportionate mitigations

Network and Information Systems (NIS) regulations are understood and used

Defend as one
Defend as one

Collaborative working

Coordinated threat intelligence

Clear accountability

Services fully used

People and culture
People and culture

Cyber security as a profession

Diverse cyber workforce

A 'just culture' of fairness, openness and learning

Everyone understands their role

Build secure for the future
Build secure for the future

Emerging risks understood

Critical supply chain engaged

Secure by design

Clear and aligned standards

Exemplary response and recovery
Exemplary response and recovery

Minimise the impact of a cyber attack on patient and service user care

Get in touch

The Joint Cyber Unit (JCU) welcome questions and conversation as we look to apply the strategy across the sector.

Contact us at [email protected].

Last edited: 1 August 2023 10:49 am