EXCLUSIVE: NHS strengthens cybersecurity resilience following legacy of WannaCry

The NHS is continuing to strengthen its cybersecurity posture, as organisations across the health system respond to an increasingly complex and persistent threat landscape.

“Cyber is often seen as part of an IT budget, but it’s really a people, process, and technology challenge,” Rosie Underwood, HealthCare Client Group Director at Daintta, told Building Better Healthcare.

We need to treat it as its own discipline.

Daintta is a cybersecurity consultancy that partners with NHS organisations nationally and regionally to strengthen their data and cyber capabilities and close compliance gaps.

It’s been nearly a decade since the 2017 WannaCry cyberattack, the most significant cyber incident to impact the NHS.

The WannaCry cyberattack was a global ransomware attack that severely disrupted the NHS by locking staff out of systems, forcing a return to paper processes, cancelling appointments, and impacting services such as ambulance handovers, diagnostics, and patient records access. 

Sector leaders say progress has been substantial since 2017, but challenges remain, particularly around funding, legacy infrastructure, and clearly demonstrating how cyber risks translate into impacts on patient care.

What did WannaCry set in motion?

The 2017 WannaCry ransomware attack marked a turning point for healthcare cybersecurity. 

While not targeted specifically at the NHS, it caused widespread disruption across services, with some organisations forced to shut down systems entirely.

The incident exposed vulnerabilities across digital infrastructure and accelerated investment in cyber capabilities across the NHS.

“Cybersecurity just wasn’t as well known or funded before that point,” said Underwood.

Following WannaCry, there was a clear increase in both funding and resources. 

Since then, NHS organisations have significantly improved their operational capabilities, including better system visibility and coordinated national responses to incidents.