Public Services > Healthcare

NHS Digital gets Microsoft support on cyber threats

David Bicknell Published 24 January 2018

Initiative understood to be part of NHS Digital Custom Support Agreement with Microsoft from last August that covers all health and social care organisations in England


NHS Digital says it has entered into a new arrangement with Microsoft to support health and care organisations in protecting their IT infrastructure against cyber threats.

The use by NHS Digital of Microsoft’s Enterprise Threat Detections Service will be provided under an NHS Digital Custom Support Agreement (CSA) agreed with Microsoft last August that covers all health and social care organisations in England. The agreement extended support to legacy Windows operating systems and its benefits include updates, migration support and improved threat awareness.

Today’s announcement covers the Enterprise Threat Detection Service, which was included in the deal, and which is intended to improve threat awareness down to individual computers as well as also offering remediation advice.

NHS Digital said the Enterprise Threat Detection Service will allow NHS Digital’s Data Security Centre to provide targeted alerts to organisations that enable it. The alerts will use Microsoft’s cyber security knowledge to provide organisations with detection of issues, including a full description of the problem and expert remediation advice.

The contract for the service was agreed following a successful pilot with NHS Digital and Blackpool Teaching Hospitals Foundation Trust.

NHS Digital said the service has already been deployed on over 30,000 machines and will eventually cover up to 1.5m devices within health and care settings such as hospital trusts and GP practices.

NHS Digital said a step change in the existing capability could take place if end (user) organisations make Group Policy changes in their Active Directory to allow Windows Error Reporting telemetry to be sent to the Enterprise Threat Detection service. This allows alerts to be provided specific to an organisation with details of the machines infected, together with remediation advice.

NHS Digital said it currently provides a range of cyber security services for the health and care system, including a service to share threat intelligence and remediation advice, on-site data security assessments for NHS organisations and specialist support for organisations affected by cyber security incidents.

A spokesperson for NHS Digital said, “The Government response to the National Data Guardian’s review referred to 'working in partnership with Microsoft to help mitigate the immediate risks associated with unsupported software'.  Part of this work has now culminated in a new custom support agreement between NHS Digital and Microsoft. 

“Microsoft will provide NHS Digital with a centralised, managed, and coordinated framework for the detection of malicious cyber activity through its Enterprise Threat Detection (ETD) service. The ETD analyses intelligence and aims to reduce the likelihood and impact of security breaches or malware infection across the NHS. This contract with Microsoft runs until June 2018 and is in line with similar agreements between Microsoft and other government departments."

The spokesperson added, “One of NHS Digital’s key roles is to work closely with other national partners to explore and provide additional layers of cyber security support to NHS organisations when they need it, with the aim of minimising disruption to NHS services and patients. Under the agreement, all NHS organisations will be covered by the custom support agreement.”

NHS Digital said it wasn't able to give the value of the Microsoft contract due to commercial confidentiality.

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.