The new 'Batsignal' has been developed by the Chief Clinical Information Officer and Health CIO Networks, the grass roots-based leadership communities of over 1,800 local NHS digital leaders, with representation from all NHS trusts, convened by Digital Health.
A key lesson from May’s WannaCry crisis was that community-based peer-to-peer channels proved extremely effective at time-critical alerting, particularly as the attack was unfolding and official NHS communication channels and email were suspended.
On 12 May, the day WannaCry hit, many members of the CCIO and Health CIO Networks warned each other of the unfolding crisis as it hit and shared information on how to respond through their online community, hours before official communications were issued.
An 'After Action Review' chaired by Dr Joe McDonald, CCIO at Northumberland, Tyne and Wear NHS Foundation Trust and chair of the CCIO Network, identified a need for a simple peer-to-peer alerting system. The vital importance of social networks in enabling communications to continue when NHS email systems were being suspended was also highlighted in the recent NAO review on WannaCry.
Based on this experience the Health CIO and CCIO Networks have since developed the new 'NHS Cyber Security Batsignal', designed to enable NHS IT leaders to very quickly issue and share cyber security alerts that will trigger dual email and text alerts for registered users.
"The Batsignal project means that the CCIO and CIO networks have 1,800 pairs of highly-trained eyes on watch for the next WannaCry at all times and the means to give early warning to members who have signed up to receive text alerts," said McDonald.
"Discourse [the online collaboration platform used by the Networks] already proved its worth on the 12th of May and the added functionality makes membership of the network even more valuable than before."
Adrian Byrne, CIO at University Hospital Southampton NHS Foundation Trust and chair of the Health CIO network, added: "We know there is a need to rapidly communicate some information and are keen not to introduce too many channels. The Discourse platform is an ideal base as all parties already use it.
"We will not require Commissioner Gordon's team to put out the alert, and will instead be relying on responsible members to recognise significant events and notify others. We are confident this will be a useful addition to the communications armoury."
The prototype of the new peer-to-peer cyber security alerting service, developed by network members supported by Digital Health, will be publicly launched at Public Cyber Security, a new one day conference being held on Thursday 7 December 2017 at the ICC Birmingham.
Dr Marcus Baw, the project lead, said: "The Batsignal simply builds on the community's own Discourse collaboration platform, which proved itself invaluable on 12 May. It extends it with SMS-alerting capability; SMS being a strong fallback technology in the case of cyber incident-related N3 network and email outages, which might otherwise prevent the alert from being received by NHS IT leaders."
Jon Hoeksma, chief executive of Digital Health, said: "We saw during WannaCry that that the ability of the Networks to warn and support each other in real-time was hugely important. The new ‘Batsignal’ is a grass-roots initiative designed to make that same peer support available in future incidents to all NHS digital leaders that want it."
All members of the CCIO and Health CIO Networks, which include representatives from every NHS trust in England, will be given the opportunity to register for the Batsignal. This will be offered first to members attending PCS, who will be invited to register for the alert service launch.
Once registered, they will be able to trigger and receive future alerts, which will be sent by email, on the Discourse community platform and by text alerts to their mobile.
The initial threshold for a member of the network to trigger the 'Batsignal' is: 'The detection of an infected computer where the threat is likely to propagate to other NHS organisations'.
The new community-based alerting system is being developed to complement official CareCert alerting and notification services.
Attendees at Public Cyber Security who want to take part in the demonstration should first register for the conference - which is free to attend for public sector information security, IT and IG professionals - and then email their mobile telephone number to This email address is being protected from spambots. You need JavaScript enabled to view it..
For further information, please visit:
https://publiccybersecurity.com
About Public Cyber Security
Public Cyber Security is a new one-day conference focused on ensuring the cyber security of citizen-facing public services, as delivered by multiple agencies, including health and social care, local government, police, and central government departments. Strategies for avoiding, minimising risk and managing cyber-security incidents are top of the agenda for digital leaders and boards across the public sector.With the growing reliance on digital channels and information systems to deliver public services to citizens, securing the public’s data, privacy and confidentiality against cyber security threats is essential. Public sector digital service delivery increasingly hinges on being to guarantee the availability of services and guard against malicious threats safely and reliably.
About Digital Health
Digital Health, is the UK's authoritative, independent B2B news, research and events specialist focused on the fast-evolving field of health IT and digital health.Digital Health convenes the key communities of NHS IT leaders: Chief Clinical Information officer and Health Chief Information Officer networks, delivered through a vibrant events programme centred around the annual Summer School and a private online collaboration.
Together, our news, data, intelligence, events, and networks, provide a unique collaborative platform for digital leaders and suppliers to keep up-to-date with the latest market and policy news, engage, and share best practice.