• Latest
  • Trending
  • All
NHS adds supplier security audits to procurement platform

NHS adds supplier security audits to procurement platform

February 16, 2020
Last Mile Delivery Market Worth Observing Growth | UPS, FedEx, SF Express

Last Mile Delivery Market Worth Observing Growth | UPS, FedEx, SF Express

April 23, 2024
Top 5 Spend Analysis Software ranked in 2024

Top 5 Spend Analysis Software ranked in 2024

March 1, 2024
How Tesla And BMW Are Leading A Supply Chain Renaissance With Blockchain

How Tesla And BMW Are Leading A Supply Chain Renaissance With Blockchain

January 19, 2024
LATAM Cargo strengthens European cargo links

LATAM Cargo strengthens European cargo links

April 14, 2020
Ford making reusable hospital gowns from airbag materials as efforts against coronavirus expand

Ford making reusable hospital gowns from airbag materials as efforts against coronavirus expand

April 14, 2020
Don’t Sweat NBC’s Decision to Cut Back on Television Ad Inventory

Don’t Sweat NBC’s Decision to Cut Back on Television Ad Inventory

April 14, 2020
Software firms sharpen focus on AI, big data as IT spending drops

Software firms sharpen focus on AI, big data as IT spending drops

April 14, 2020
Navigating turbulent times in your supply chain (TL:DR version)

Navigating turbulent times in your supply chain (TL:DR version)

April 14, 2020
Last Mile Delivery by Drones Market is Booming Worldwide

Last Mile Delivery by Drones Market is Booming Worldwide

April 14, 2020
AIR CARGO MARKET SIZE, SHARE, DEMAND, TREND, LATEST INNOVATIONS & APPLICATION ANALYSIS AND INDUSTRY GROWTH FORECAST 2027 – Science In Me

AIR CARGO MARKET SIZE, SHARE, DEMAND, TREND, LATEST INNOVATIONS & APPLICATION ANALYSIS AND INDUSTRY GROWTH FORECAST 2027 – Science In Me

April 14, 2020
Wheat procurement in Patiala: 6,500 coupons issued to farmers – cities

Wheat procurement in Patiala: 6,500 coupons issued to farmers – cities

April 14, 2020
Pandemic, Plastics And The Continuing Quest For Sustainability

Pandemic, Plastics And The Continuing Quest For Sustainability

April 14, 2020
  • Supply Chain
  • Logistics
  • Warehousing
  • Procurement
  • Shipping
  • More
    • Strategic Sourcing
    • Spend Analysis
    • Inventory
    • Contact Us
No Result
View All Result
United States International Supply Chain Commission
United States International Supply Chain Commission
Home Procurement

NHS adds supplier security audits to procurement platform

by usiscc
February 16, 2020
in Procurement
0
NHS adds supplier security audits to procurement platform
493
SHARES
1.4k
VIEWS
Share on FacebookShare on Twitter

NHS Shared Business Services (SBS) and its cloud platform partner Virtualstock have enlisted cyber threat intelligence and risk assessment specialist Orpheus Cyber to add integrated security audits to the Edge4Health procurement platform and improve supply chain security for the health service.

Launched in January 2020 with a staged roll-out to a few NHS trusts, Edge4Health is billed as a consumer-style digital procurement hub designed to cut costs, improve visibility and data management, and ensure greater compliance in the NHS. It can be used to buy over a million products and services – not limited to IT – and is understood to have transacted over £8m of spend to date.

The feature enables NHS suppliers to check and improve their security using a dial indicating whether their rating is good, average or bad. Clicking on it will allow suppliers to download a report providing information on the various threats and vulnerabilities they are subject to, and how to mitigate them, hopefully improving their own security and that of their customers.

“With £9bn of annual spend, the NHS has some of the longest and most complex supply chains in the world. Ensuring the security and integrity of these supply chains is a priority for NHS organisations, the government and suppliers,” said NHS SBS procurement director, Phil Davies.

“Enabling suppliers to swiftly check on their current cyber security status is an important step forward in mitigating the threat posed.”

Information will also be made available to NHS organisations buying through the platform, through a buying community cyber risk rating, to help decision-makers take better account of security considerations when buying services.

Oliver Church, CEO of Orpheus Cyber – other customers of which include the Department for Work and Pensions (DWP), mobile operator O2 and accountancy firm Smith & Williamson – said cyber criminals were increasingly targeting supply chains as a weak link to compromise their ultimate targets, in this case NHS organisations with access to confidential data.

“We frequently see significant damage to customers when suppliers, disabled by cyber attacks, are no longer able to provide vital goods and services – which is potentially very serious when dealing with patient health”
Oliver Church, Orpheus Cyber

“Attacks are becoming increasingly complex, tending to focus not just on stealing data but on permanently deleting or encrypting it. Furthermore, we frequently see significant damage to customers when suppliers, disabled by cyber attacks, are no longer able to provide vital goods and services – which is potentially very serious when dealing with patient health,” said Church.

“Because private data is often distributed through supply chains, a breach of a supplier can easily leak sensitive information, a major concern when dealing with the privacy of patient personal data. Legislation such as the GDPR [General Data Protection Regulation] provides for heavy fines if private data is breached due to poor cyber security.”

In November 2019, Orpheus Cyber published a whitepaper looking specifically at the security arrangements of NHS suppliers. It suggested that NHS trusts themselves were increasingly at risk of supply chain attacks because so many of them have spent lavishly on their own security since the 2017 WannaCry disaster, meaning bad actors now have to look for another way in.

Based on a study of 622 suppliers pre-listed for the Edge4Health platform, the report said that 88% of suppliers had had company emails and passwords leaked due to attacks on third-party databases, 37% had vulnerabilities that look attractive to cyber criminals, 17% appeared to run easily targeted databases and 95% lacked advanced email protection.

Supply chain attacks, related to so-called island-hopping attacks, are a particularly potent threat to multiple industries, as seen in 2019 when attackers with alleged links to the Chinese government got inside Airbus’s network to steal technical information related to the A350 airliner.

Such attacks take place when attackers get access to a third party with trusted access to their target’s network, as many NHS suppliers will have. Subsequent attacks against the target will thence look like an internal attack and may be harder to detect by perimeter-focused cyber security systems.

Share197Tweet123
usiscc

usiscc

  • Trending
  • Comments
  • Latest
Escape From Tarkov – How to Rotate Items

Escape From Tarkov – How to Rotate Items

February 5, 2020
Supply chain examination: Planning for vulnerabilities you can’t control

Supply chain examination: Planning for vulnerabilities you can’t control

December 7, 2019
Procurement Project Manager job with Camden London Borough Council

Procurement Project Manager job with Camden London Borough Council

February 17, 2020
Art Battle Wichita Falls III at The Warehouse, 1401 Lamar.

Art Battle Wichita Falls III at The Warehouse, 1401 Lamar.

0
Global Industry Analysis, Size, Share, Growth, Trends, and Forecasts 2016–2024 – ZMR News Reports

Global Industry Analysis, Size, Share, Growth, Trends, and Forecasts 2016–2024 – ZMR News Reports

0
PHOTOS: Ottawa firefighters respond to warehouse fire

PHOTOS: Ottawa firefighters respond to warehouse fire

0
Last Mile Delivery Market Worth Observing Growth | UPS, FedEx, SF Express

Last Mile Delivery Market Worth Observing Growth | UPS, FedEx, SF Express

April 23, 2024
Top 5 Spend Analysis Software ranked in 2024

Top 5 Spend Analysis Software ranked in 2024

March 1, 2024
How Tesla And BMW Are Leading A Supply Chain Renaissance With Blockchain

How Tesla And BMW Are Leading A Supply Chain Renaissance With Blockchain

January 19, 2024
  • Privacy Policy
  • Terms of Use
  • Disclaimer
  • DMCA
  • Contact Us

Copyright © 2024 United States International Supply Chain Commission (usiscc.org)

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Non-necessary

Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.

SAVE & ACCEPT
No Result
View All Result
  • Supply Chain
  • Logistics
  • Warehousing
  • Procurement
  • Shipping
  • More
    • Strategic Sourcing
    • Spend Analysis
    • Inventory
    • Contact Us

Copyright © 2024 United States International Supply Chain Commission (usiscc.org)