2025 年英国国家医疗服务体系 (NHS) 数字化转型中的网络安全挑战及韧性构建报告

Building CyberResilient Healthcare Strengthening the NHSto Safeguard Patients Contents Foreword At BT, we are deeply committedto partnering with the NHSas its trusted ally, helping itnavigate complex challenges.Achieving this requires listeningclosely to those at the heartof the NHS and the UK public.These insights provide aninvaluable opportunity tounderstand their perspectivesand act on their needs quickly.I hope you find it a compellingand meaningful read. The NHS is defined by thededicated individuals who workwithin it – our families, friends,and fellow citizens. They alwaysgo above and beyond to keeppeople safe. Today, as the NHSconfronts some of its greatestchallenges in a generation,technology can provide manysolutions. However, a true culturalshift is required to jumpstart theacceleration of digital health,stay safe against cyber securitythreats and transform the waypatients receive care. Professor Sultan MahmudDirector of Healthcare- BT Business Executive summary The NHS is under increasing strain due to growing healthcare demands, driven in part by an ageingpopulation. At the same time, while technology has a major role to play in shaping its future,the increasing reliance on digital systems in healthcare brings new threats. BT figures earlier this year revealed that 2,000 signals of a potentialcyber attackacross multi-sector organisations are spotted every second.Threats targeting healthcare have grown in frequency and sophistication,endangering patient care and compromising vital services. In the UK,researchpublished in 2023 shows eight in 10 healthcare providers haveexperienced a security breach since 2021. This underscores the pivotalrole cyber security plays in safeguarding and ensuring uninterruptedservice delivery. Confidence gaps are evident between public expectations and stafftrust within the NHS. While awareness of cyber security risks is high,it’s undermined by insufficient preparation. Legacy systems continueto hinder the delivery of care, causing frustration, while most staff donot receive regular education on cyber security best practices. This report highlights how BT’s approach – collaborating with leadingminds across healthcare, policy, and business – provides a strongfoundation for driving healthcare digital transformation. By buildingcyber resilience that truly meets the needs of the NHS, we can delivermeaningful impact for everyone. The volume and severity of attacks significantly impacts patients,staff, and the wider healthcare system. There is an urgent need toreprioritise how IT and cyber security are funded in order to meetthe evolving demands of healthcare. Our recent survey of NHS staff and the UK public provides key insightsinto the sentiment around cyber security in the NHS. These findingsreveal growing concerns about data exposure, system resilienceand priorities for a digitally secure healthcare system. Researchmethodology BT’s Healthcare team commissioned an independent surveyof 76 staff at 59 different NHS and Integrated Care Systemorganisations within the NHS. The survey was carried outonline between 8th July and 16th September 2024. BT also commissioned a YouGov survey of over 2,000 UK adults tohighlight the public’s concerns about cyber security in the NHS andoutline their priorities. Total sample size was 2159 UK adults. Fieldwork was undertaken between 5th - 8th July 2024.The survey was carried out online. The figures have been weightedand are representative of all UK adults (aged 18+). Inside NHScyber securitychallenges There has been atremendous spikein cyber attacks onhealthcare services,with varying effectson NHS infrastructure. Patients, clinicians, and operational staff alikehave all suffered repercussions. As well as financialconsequences, the impact on patient care deliverycan be catastrophic, so it’s no wonder publicconcern is mounting. From our YouGov survey,over half (57%) ofUK adults are concerned about the NHS beingtargeted by cyber attacks, and 56% are worriedabout patient data exposure to hackers.Thesesentiments are understandable; the NHS hosts vastamounts of personal and medical data, making it aprime target for cyber criminals. This sentimentis shared byNHS staff: The percentages below reflect respondents who ranked these options as critically important. However, only 36% of NHS staffbelieve current cyber securitymeasures sufficiently protectpatient data While the vast majority (94%) of staffunderstand that they have a role in protectingthe NHS from cyber attacks, confidence incurrent cyber security measures falls short:only 42% are confident that these measurescan safeguard patient data effectively.Most (57%) said that the lack of regularaudits and clear communication frommanagement undermines staff confidencein the NHS’s preparedness. This digital damage must not be overlooked– reverting to pen and paper won’t suffice.Disrupting the flow of data delays life-savingtreatments, hinders diagnoses, and stallscommunicati