System-Wide Approach to Cyber Security is The Only Way to Tackle Issues

Chris Ibell, Chief Digital and Information Officer at Staffordshire and Stoke-on-Trent Integrated Care Board (ICB), recently provided an update on the organisation’s cyber security status during the latest ICB meeting.

He highlighted the cyber risks faced by its member organisations and outlined plans to adopt an integrated care system (ICS) approach to incident response planning.

This update follows a series of initiatives held over the past year, including a cyber crisis simulation event, board development sessions, and cyber security workshops.

The simulation exercise led to the identification of 22 actions, emphasizing the importance of refining processes and plans, as well as encouraging staff to embed an ICS-wide strategy for threat mitigation and incident response.

Currently, the ICB employs an integrated ICS model to manage cyber security

This approach is spearheaded by the ICS Security Operations Centre (SOC), which operates 24/7 and provides support to organisations such as Staffordshire Council, Midlands Partnership University, University Hospitals of North Midlands, North Staffordshire Combined Healthcare, and Stoke Council.

The SOC conducts standardized vulnerability scans, patching services, and gap analyses to identify areas for improvement. It also focuses on streamlining reporting metrics across the board.

Ibell shared plans to strengthen incident response strategies by coordinating information governance, emergency preparedness, resilience and response (EPRR), and collaboration among digital and cyber teams across the ICS.

Additionally, a draft version of the ICS cyber security strategy, covering the period up to 2030, has been submitted, with the final version expected soon.

The European Commission also launched an EU action plan

The plan is to support hospitals and healthcare providers in improving their cyber security.

This initiative aims to enhance threat detection, readiness, and response capabilities across the healthcare sector.

Meanwhile, North West London Integrated Care System’s latest board meeting examined progress in the region, addressing cyber resilience, digital advancements in primary care, and the development of integrated neighbourhood teams.

The board noted that its application for £1.15 million in NHS England Cyber Risk Reduction funding is still pending.

It continues to work on completing its cyber strategy by the end of the financial year and optimizing digital programmes such as the London Shared Care Record and acute provider EPR systems. Let me know if you’d like this refined further!