NHS Cyber Security 'Batsignal’ peer-to-peer alerting system to launch next month
Alert will help to improve response to cyber threat following WannaCry scandal
The two chairs of the largest independent communities of NHS digital leaders will launch the ‘NHS Cyber Security Batsignal’, a new peer-to-peer cyber security warning alerting system, at the first Public Cyber Security conference next month.
The new community-developed incident and alerting service is designed to provide immediate alerts of future cyber security incidents and enable sharing of information on how to respond, ensuring digital leaders across the NHS can remain in contact even if official channels are out of action.
The new ‘Batsignal’ has been developed by the chief clinical information officer and Health CIO Networks, the grass roots-based leadership communities of over 1,800 local NHS digital leaders with representation from all NHS trusts and convened by Digital Health.
A key lesson from May’s WannaCry crisis was that community-based peer-to-peer channels proved extremely effective at time-critical alerting, particularly as the attack was unfolding and official NHS communication channels and email were suspended.
We saw during WannaCry that that the ability of the Networks to warn and support each other in real-time was hugely important
On 12 May, the day WannaCry hit, many members of the CCIO and Health CIO Networks warned each other of the unfolding crisis as it hit and shared information on how to respond through their online community, hours before official communications were issued.
An ‘After Action Review’ chaired by Dr Joe McDonald, CCIO at Northumberland, Tyne and Wear NHS Foundation Trust and chairman of the CCIO Network, identified a need for a simple peer-to-peer alerting system.
The vital importance of social networks in enabling communications to continue when NHS email systems were being suspended was also highlighted in the recent NAO review on WannaCry.
Based on this experience the Health CIO and CCIO Networks have since developed the new ‘NHS Cyber Security Batsignal’, designed to enable NHS IT leaders to very quickly issue and share cyber security alerts that will trigger dual email and text alerts for registered users.
“The Batsignal project means that the CCIO and CIO networks have 1,800 pairs of highly-trained eyes on watch for the next WannaCry at all times and the means to give early warning to members who have signed up to receive text alerts,” said McDonald.
“Discourse [the online collaboration platform used by the Networks] already proved its worth on the 12 May and the added functionality makes membership of the network even more valuable than before.”
Adrian Byrne, chief information officer at University Hospital Southampton NHS Foundation Trust and chairman of the Health CIO network, added: “We know there is a need to rapidly communicate some information and are keen not to introduce too many channels. The Discourse platform is an ideal base as all parties already use it.
The Batsignal project means that the CCIO and CIO networks have 1,800 pairs of highly-trained eyes on watch for the next WannaCry at all times and the means to give early warning to members who have signed up to receive text alerts
“We will not require Commissioner Gordon’s team to put out the alert and will instead be relying on responsible members to recognise significant events and notify others. We are confident this will be a useful addition to the communications armoury.”
The prototype of the new peer-to-peer cyber security alerting service, developed by network members and supported by Digital Health, will be publicly launched at Public Cyber Security, a new one-day conference being held on 7 December at the ICC in Birmingham.
Dr Marcus Baw, project lead, said: “The Batsignal extends the community’s own Discourse collaboration platform with SMS-alerting capability; SMS being a strong fallback technology in the case of cyber incident-related N3 network and email outages, which might otherwise prevent the alert from being received by NHS IT leaders.”
Jon Hoeksma, chief executive of Digital Health, added: “We saw during WannaCry that that the ability of the Networks to warn and support each other in real-time was hugely important.
“The new ‘Batsignal’ is a grass-roots initiative designed to make that same peer support available in future incidents to all NHS digital leaders that want it.”
All members of the CCIO and Health CIO Networks, which include representatives from every NHS trust in England, will be given the opportunity to register for the Batsignal.
Once registered, they will be able to trigger and receive future alerts, which will be sent by email, on the Discourse community platform and by text alerts to their mobiles.