Internal Reference Number: FOI_8067
Date Request Received: 26/07/2024 00:00:00
Date Request Replied To: 29/07/2024 00:00:00
This response was sent via: By Email
Request Summary: Interest in the cybersecurity of the UK government
Request Category: Private Individuals
| Question Number 1: How many cyber incidents (threat and breach) occurred in the last two years (1st of July 2022-1st of July 2024)? | |
| Answer To Question 1: Please see attached exemption notice. | |
| Question Number 2: For each of the following cyber incident types, please indicate if your organisation experienced them in any month from the 1st of July 2022- 1st of July 2024. If yes, specify the month(s) in which they occurred: · Phishing attacks: Yes/No. If yes, which month(s)? · Ransomware attacks: Yes/No. If yes, which month(s)? · Distributed Denial of Service (DDoS) attacks: Yes/No. If yes, which month(s)? · Data breaches: Yes/No. If yes, which month(s)? · Malware attacks: Yes/No. If yes, which month(s)? · Insider attacks: Yes/No. If yes, which month(s)? · Cloud security incidents: Yes/No. If yes, which month(s)? · Social engineering attacks (excluding phishing): Yes/No. If yes, which month(s)? · Zero-day exploits: Yes/No. If yes, which month(s) | |
| Answer To Question 2: Please see attached exemption notice. | |
| Question Number 3: For each of the following supplier types, please indicate if any cyber incidents related to them occurred between the 1st of July 2022-1st of July 2024. If yes, specify the volume of cyber incidents that occurred: · IT service providers: Yes/No · Medical equipment suppliers: Yes/No · Software vendors: Yes/No · Cloud service providers: Yes/No · Data storage/management companies: Yes/No · Telecommunications providers: Yes/No · Security service providers: Yes/No · Managed service providers (MSPs): Yes/No · Third-party payment processors: Yes/No | |
| Answer To Question 3: Please see attached exemption notice. | |
| Question Number 4: During the period from 1st of July 2022 -1st of July 2024, did your organisation experience any of the following impacts due to cyber incidents? · Were any appointments rescheduled due to cyber incidents? Yes/No · Was there any system downtime lasting more than 1 hour? Yes/No · Did any data breaches occur? Yes/No · Were any patients affected by data breaches? Yes/No | |
| Answer To Question 4: Please see attached exemption notice. | |
| Question Number 5: What percentage of your cybersecurity budget is allocated to each of the following supply chain security technologies? Please indicate the percentage for each: · Third-party risk assessment tools: ___% · Vendor management systems: ___% · Supply chain visibility and monitoring solutions: ___% · Secure data sharing platforms: ___% · Multi-factor authentication for supplier access: ___% · Endpoint detection and response (EDR) for supplier systems: ___% · API security solutions: ___% | |
| Answer To Question 5: Please see attached exemption notice. | |
| To return to the list of all the FOI requests please click here |
Our staff at SA¹ú¼Ê´«Ã½ Hospital have long been well regarded for the quality of care and treatment they provide for our patients and for their innovation, commitment and professionalism. This has been recognised in a wide range of achievements and it is reflected in our award of NHS Foundation Trust status. This is afforded to hospitals that provide the highest standards of care.
