STAGING

Next Event: DSPT 2024-2025 for NHS Trusts, Integrated care boards, Commissioning support units and Arm’s length bodies

View Event

Search Digital Care Hub

Cyber Resilient Care: Support to small providers 

Small care providers with up to 50 members of staff are being offered free, expert support to check and improve their cyber resilience. 

Following a successful bid for Department of Science, Innovation and Technology’s Cyber Local funding, Digital Care Hub together with national experts and four of our local support organisations, are offering free, facilitated exercises, cyber vulnerability checks and webinars to small providers in the South West, West Midlands and North West.  

The project is being run between January and March 2025. Our local support organisations are inviting small adult social care providers in their regions to take part:  

  • Partners in Care Dorset and the Registered Care Providers Association, Somerset: for care providers across the South West.  
  • West Midlands Care Association: for care providers across the West Midlands. 
  • Liverpool Social Care Partnership: for care providers across the North West.

Benefits 

Our Cyber Resilient Care support is free, tailored and delivered by cyber security and social care experts.  

It is based on officially-recognised resources and processes including exercises developed by the National Cyber Security Centre and the police-led Cyber Resilience Centres. We have adapted these resources to meet the needs of small adult social care providers in England, with support from the Institute of Public Care (IPC) at Oxford Brookes University.

The support will enable care providers to: 

  • train staff to recognise and manage the most likely cyber incidents in their service 
  • check and improve the vulnerability of their IT systems and devices 
  • reassure commissioners, funders, regulators, insurers, staff and people using services that they are taking steps to improve their cyber security with support from reliable cyber experts. 

Support offered

Our Cyber Resilient Care support includes: 

  • Cyber workshops for staff and managers using a series of exercises based on the Government’s National Cyber Security Centre which we have tailored to adult social care providers. 
  • Cyber vulnerability assessments, including scans of internal and external IT systems, security settings and devices. 
  • Cyber incident webinars based on typical cyber security incidents.

Cyber workshops 

These in-person workshops are designed to identify the provider’s potential responses to an unfolding cyber incident. They include table-top exercises featuring a range of scenarios and settings based on the type of organisation and services that the provider offers. 

The sessions will be delivered to ten providers in each region. We will prioritise services that are registered with the Care Quality Commission, and also small day care services. The workshops will be facilitated and managed by our local support organisations.  

For example, homecare services may be particularly interested in use of public Wi-Fi or staff use of their own devices, whereas care homes may be more concerned about the impact of a power cut on access to data. 

The exercises could cover: 

  • sending a phishing email and seeing who clicks on it and how it was reported/what done (that possibly leads to a ransomware attack if clicked on)  
  • mimicking a major power cut or loss of access to data due to a cyberattack on a supplier’s software 
  • losing a laptop or mobile phone – including staff’s own devices used for work purposes 
  • being hacked from a public Wi-Fi login or because a software update was not implemented 
  • a supplier’s software being compromised, and usernames and passwords have been stolen.

Our local support organisations will prepare and facilitate the exercises in-person during a one-day visit to the care setting or office. It will involve administrators, care workers and managers.  

Cyber vulnerability assessments 

We are offering up to ten care organisations in each of the three areas a more detailed assessment of their vulnerabilities, together with a report on weaknesses, risks and impacts and guidance on how to improve. We will prioritise services that are registered with the Care Quality Commission, and also small day care services. This service will be delivered in partnership with the local police-led Cyber Resilience Centres. All of the assessments can be carried out remotely.   

The assessments will be tailored to the provider’s specific needs and will cover both internal, and if appropriate, external IT systems. For example, it could cover: 

  • servers managed in-house or by a third party 
  • cloud-based systems and servers 
  • a sample of devices, such as desktops, laptops, and mobile devices 
  • internet security settings 
  • security settings in the organisation’s Microsoft 365 or Google Cloud environment. 

We will provide a verbal feedback session and a full written report to each care provider. 

Cyber incident webinars

We will run two webinars in each of the three regions. The webinars will go through a cyber incident in real-time. Participants will vote on what they should do next at each stage of the scenario.

These webinars will be open to small CQC-registered and non-registered services.

The sessions will be tailored to each region and delivered by Digital Care Hub in partnership with the region Cyber Resilience Centre.

Dates will be published on our Events pages. Please register for our newsletter to receive updates.

Eligibility 

Our local support organisations are proactively contacting relevant care providers in their region. If you have not been contacted by mid January 2025 and you meet all the following criteria, you can contact the relevant local support organisation, but we cannot guarantee that we will be able to provide you with support.

To be considered, you must:

  • Provide social care services to adults. The workshops and assessments are for CQC registered services and also day care services. The webinars are open to all small providers.
  • Employ up to 50 full-time equivalent members of staff across your organisation. This includes admin, management and care staff. 
  • Be based in either the South West, West Midlands or North West of England.  

South West 

Areas covered: Dorset, Bournemouth, Christchurch, Poole, Somerset, Bath & North East Somerset, Bristol, South Gloucestershire, North Somerset, Devon, Plymouth and Torbay, Gloucestershire, Cornwall and Isles of Scilly, Wiltshire and Swindon. 

Local support organisations:

Partners in Care Dorset

Website https://www.picbdp.co.uk/ 

Email [email protected] 

Tel 01202 205847 

Registered Care Providers’ Association, Somerset

Website www.rcpa.org.uk/better-security-better-care/ 

Email [email protected]

Tel 01823 351630

West Midlands 

Areas covered: Birmingham, Coventry, Dudley, Herefordshire, Sandwell, Solihull, Walsall, Warwickshire, Wolverhampton and Worcestershire 

Local support organisation: West Midlands Care Association 

Website www.wmca.care 

Email [email protected] 

Tel 01384 943000  

North West 

Areas covered: Liverpool City Region, Sefton, Halton, Knowsley, St Helens, Wirral, Warrington, Cheshire East, Cheshire West/Chester, Lancashire, Blackpool, Blackburn and Darwen, Cumbria, Bolton, Bury, Manchester, Oldham, Rochdale, Salford, Stockport, Tameside, Trafford, Wigan. 

Local support organisation: Liverpool Social care Partnership (LSCP) CIC

Website www.lscpinfo.co.uk 

Email [email protected] 

Tel 0151-270-1703 

Better Security, Better Care. New Care Services

Latest News

View all News
View all News

Next Event

View all Events
June

17

January

15

View all Events