1 year ago


Secure IT Disposal CDL

Secure IT Disposal CDL offer a secure solution for the management and retirement of redundant IT equipment. Contact us if you are looking for: • Secure disposal of IT and WEEE • Data sanitised to the highest recognised standards • Collections using only CDL vehicles and drivers • ISO 9001, 14001, 18001 & 27001 • ADISA accredited with distinction • On site media destruction • EU GDPR compliant service • Full UK coverage Visit us at Infosecurity Europe, 5th - 7th June (Stand Q50) to discuss any aspect of IT retirement for your facility. IT Disposal Specialists T: 01925 730033

comment COUNCIL OF WAR Every NHS trust that has been tested against cyber security standards since 2017's WannaCry attack has failed, NHS Digital has revealed, with plans now in place for surprise inspections at hospitals. Speaking at the Public Accounts Committee in Westminster, Rob Shaw, deputy CEO of NHS Digital, said that 200 NHS trusts had fallen short of the Cyber Essentials Plus certification when subjected to on-site assessments by the Care Quality Commission (CQC). Shaw appeared alongside NHS England chief executive Simon Stevens, Department of Health Permanent Secretary Sir Chris Wormold and NHS CIO Will Smart to answer MP's questions on the impact of last year's ransomware incident and what steps have been taken since. The influential Public Accounts Committee heard that a number of trusts that failed the inspection had done so because they had not carried out adequate patching on IT systems. How could this happen? After all, wasn't that a core vulnerability that was targeted by the WannaCry ransomware? In the wake of Wannacry, the immediate call that went out, far and wide, was to ensure such patching was carried out without any delay. How could this have been disregarded, when so much was at stake? Shaw said that NHS Digital was now working with the most vulnerable trusts on mitigation plans. He also stressed that measures were being put into place to address weak links in the chain. "It isn't the case that all of the trusts have done nothing around cyber security. The amount of effort it takes from NHS providers in such a complex estate to reach the Cyber Essentials Plus standard that we assess against is quite a high bar," said Shaw. "Some of the trusts have to do quite a considerable amount of work, but a number of them are already on the journey that will take them towards meeting that requirement." Really? To put it bluntly, 'stable doors' and 'horses' come to mind. What's needed now is fleet-footed action, but whose to say we won't be hearing of more than one trust that has suffered another major breach in the months ahead. Brian Wall Editor Computing Security EDITOR: Brian Wall ( PRODUCTION: Abby Penn ( LAYOUT/DESIGN: Ian Collis ( SALES: Edward O’Connor ( + 44 (0)1689 616 000 Louise Hollingdale ( + 44 (0)1689 616 000 PUBLISHER: John Jageurs ( Published by Barrow & Thompkins Connexions Ltd (BTC) 35 Station Square, Petts Wood, Kent, BR5 1LZ Tel: +44 (0)1689 616 000 Fax: +44 (0)1689 82 66 22 SUBSCRIPTIONS: UK: £35/year, £60/two years, £80/three years; Europe: £48/year, £85/two years, £127/three years R.O.W:£62/year, £115/two years, £168/three years Single copies can be bought for £8.50 (includes postage & packaging). Published 6 times a year. © 2018 Barrow & Thompkins Connexions Ltd. All rights reserved. No part of the magazine may be reproduced without prior consent, in writing, from the publisher. May/June 2018 computing security @CSMagAndAwards 3