Home Workforce NHS Digital appoints first Chief Information Security Officer

NHS Digital appoints first Chief Information Security Officer


In order to meet the government’s new minimum cybersecurity standards, NHS Digital named Robert Coles as the new chief information security officer (CISO). Starting his job from October 2018, Coles will lead the healthcare sector’s response to cyber-attacks.

Previously, Robert served as a CISO at GlaxoSmithKline for four years and previously held the same posts at National Grid and investment bank Merrill Lynch.

The appointment comes after the ‘lessons learned review of the WannaCry ransomware attack’ authored by NHS England’s CIO Will Smart. The review stated 22 recommendations, including the appointment of a CISO to work alongside the Department of Health and Social Care, NHS England, NHS Improvement, and NHS Digital.

“The role will lead national cyber working groups, help inform policy and drive improvements and standardization,” the review stated.

Speaking on the appointment, Deputy Chief Executive of NHS Digital Rob Shaw said, “We have listened to the recommendations made in the lessons learned review into last year’s WannaCry attack and acted on the commitment we made to the public a former GlaxoSmithKline security chief Robert Coles has been named the new chief information security officer (CISO) at NHS Digital Accounts Committee to appoint someone to lead the national cyber and security agenda for health and care. Robert will build on the excellent work that the NHS Digital Data Security Centre has already done to reach out across the health and care to support improved cybersecurity across the system.”

In his role, Robert Coles will work with CEOs and CIOs of local healthcare organizations to ensure they meet the government’s minimum cybersecurity standards and Cyber Essentials Plus (CE+) certification.

The WannaCry Ransomware hit Microsoft Windows OS during May 2017. It affected the operations of nearly 200,000 systems across 150 countries. The National Health Services hospitals in England and Scotland were amongst the worst affected; the impact included disturbing critical devices like MRI scanners, blood-storage refrigerator, even theatre equipment.

On October 27, 2017, the United Kingdom claimed that it believes that North Korea was behind the devastating cyber-attack. WannaCry malware that led to havoc across the world did grievous temporary damage to the network security of Britain’s National Health Service (NHS).