Blog: Cyber Security in Healthcare, Innovative Health Working Group, June 2025
Right at the end of June, the West Midlands’ Cyber and HealthTech Groups came together to present a workshop for a mixed audience about cyber security in the health sector. It was co-chaired by Perninder Dhadwar, Chair of the Innovative Health Working Group and Wayne Horkan, Cyber Tzar.
Our Executive Chair, David Kidney, was present and spoke and so too Cliff Dennett, Chair of Innovation Alliance West Midlands.
The multiple complexities of keeping any computer system safe and secure very much read across to the health sector. In health systems, standalone mechanical devices have increasingly become connected to cloud-dependent systems, but managing security has not kept pace with the changes that are sweeping through the sector, especially in the NHS think Software as a Medical Device, virtual wards, wearables and much more.
We have witnessed frightening cyber threats that have literally shut down life-saving equipment. Just recall last year’s Synnovis ransomware cyber-attack that closed down essential services at Guys and St Thomas’. We shouldn’t be treating security as just an IT problem, we must flip the script – turning every nurse, doctor, and technician into a frontline cyber defender.
In health, the counter-challenge is that clinical staff often need instant access during emergencies and at times of almost overwhelming demand for routine care. Multiple layers of authorisation will hold up delivery of urgently-needed care, leaving everyone involved to wrestle with how to ensure security when healthcare workflows demand speed over security.
There’s also a skills gap – biomedical engineers making network decisions, IT teams who lack competence to interact with medical devices, and cyber education across the workforce. Partnerships between the manufacturers/suppliers and the health sector customers offer the best route to deliver upskilling at the scale needed. Potentially, there may be a role for the regulator, MHRA, to set standards covering operational realities as well as procurement standards.
At WMHTC, we want to unleash bold health innovation – but not at the expense of making patient/consumer data a hacker’s playground. With an ambitious new 10-year plan unveiled for the NHS, now is the time to address outdated tech, skills gaps and regulation. It’s time to tackle what is really holding us back, break through these barriers and achieve real change.