What NHS cybersecurity can learn from the banking sector

Afshin Attari, Senior Director of Public Sector & Unified Platforms at Exponential-e

They say our most valuable assets are our health and wealth. But while the banking sector has invested heavily in protecting financial data, the healthcare industry still faces challenges in safeguarding medical information. As the NHS introduces new technologies and digital capabilities as part of the Plan for Change, there is an opportunity to draw lessons from industries that have been forced to adapt quickly to cyber threats.

Financial services offer a good example. The sector faces huge pressure to protect sensitive data and prevent fraud, and over the past two decades cybersecurity and operational resilience have been a priority for banks. This is especially true as physical branches continue to close at a steady rate, with 377 closures currently pencilled in for 2025: banks are increasingly reliant on online platforms, which in turn need protecting.

Meeting the advancing cyber threat

Digital enablement has advanced rapidly because of the high financial risks associated with breaches and because of customer demand. In response to increased exposure to cyber threats, banks have embraced a proactive cybersecurity model and adopted multi-layered security measures, including robust identification, advanced threat protection, and continuous staff training. These measures are not just about securing accounts; they are also about instilling consumer confidence.

The NHS, despite being a single entity, functions as a highly distributed system with many independent organisations and departments operating in different ways. This fragmentation makes standardising cybersecurity far more complex. The cyber threat to UK government is increasingly severe and advancing quickly, and successful attacks can have a devastating impact on people’s lives, leading to missed appointments and cancelled procedures.

Healthcare data breaches can be just as damaging as financial breaches, if not more so. Unlike in banking, where fraud can often be reversed, a compromised patient record is irreversible. Yet levels of legacy technology in the NHS remain anywhere from 10% to 70%, elevating cyber risk and increasing vulnerability. Given that 60% of UK citizens worry about cyber-attacks disrupting NHS services, there is both a public expectation and a pressing need for stronger defences. So, what lessons can NHS organisations learn, and how can they build cyber resilience?

Bridging the skills gap

A major challenge in both healthcare and financial services is the cybersecurity skills gap. However, banks have proactively addressed this by investing in specialist teams and working closely with technology providers. In contrast, a recent report from the National Audit Office revealed that many government departments, including NHS organisations, struggle to attract and retain cyber talent due to limited salaries and restrictive civil service recruitment processes. 

While the NHS’ primary mission is to provide healthcare, cybersecurity is now a fundamental pillar of patient safety. Expecting NHS staff, who are not IT specialists, to manage increasingly complex cyber threats is neither practical nor sustainable. Instead, outsourcing to cybersecurity experts and forming strategic partnerships with technology providers will be crucial. These providers have the resources, expertise, and continuous threat intelligence to stay ahead of emerging cyber risks, ensuring that NHS systems remain protected.

Lessons in identification, monitoring and testing

To strengthen cybersecurity resilience, NHS organisations must take a structured and proactive approach. An important first step is understanding what needs protection. This begins with comprehensive asset identification: mapping out critical systems, patient records, medical devices, and IT infrastructure. Once assets are identified, a thorough risk assessment should follow to highlight vulnerabilities and the threats most likely to exploit them, whether ransomware, phishing, or insiders. Without this foundation, cybersecurity measures risk being reactive rather than strategic.

The banking sector prioritises protection through multi-layered security measures that combine technology, policy, and human vigilance. The NHS must adopt the same mindset. Advanced endpoint security, encryption, and AI-driven threat detection should work together with robust access controls and network segmentation to limit the spread of attacks. Real-time monitoring is another essential layer. Security Information and Event Management (SIEM) tools can be deployed to detect and analyse suspicious activity before it escalates. Automated alerting, anomaly detection, and well-defined incident response protocols ensure that breaches are identified and contained swiftly.
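To make the SIEM point concrete, here is an added example of the kind of correlation logic such tooling runs over audit logs: two simple detection rules evaluated against a handful of constructed log lines. This is illustrative code written for this article, not NHS or Exponential-e tooling; the log format, the thresholds and the sample events are all assumptions. The first rule flags a burst of failed logins for one account from one source; the second flags an account that opens an unusually large number of distinct patient records in a short window, the pattern a clinician "snooping" on records or a compromised account would produce.

```python
"""Two SIEM-style correlation rules over constructed audit-log lines.

Assumed log format (one event per line, space separated):
    <ISO timestamp> <EVENT> <user> <source ip> <patient id or ->
Everything below is constructed for illustration, not real data.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample audit log. nurse_a shows a failed-login burst;
# clerk_b opens six different patient records in under three minutes;
# doctor_c shows normal, spaced-out activity and should not alert.
SAMPLE_LOG = """\
2025-03-01T09:00:05 LOGIN_FAIL nurse_a 10.20.1.5 -
2025-03-01T09:00:09 LOGIN_FAIL nurse_a 10.20.1.5 -
2025-03-01T09:00:14 LOGIN_FAIL nurse_a 10.20.1.5 -
2025-03-01T09:00:20 LOGIN_FAIL nurse_a 10.20.1.5 -
2025-03-01T09:00:25 LOGIN_FAIL nurse_a 10.20.1.5 -
2025-03-01T09:00:31 LOGIN_FAIL nurse_a 10.20.1.5 -
2025-03-01T09:01:00 LOGIN_OK nurse_a 10.20.1.5 -
2025-03-01T09:02:00 LOGIN_FAIL doctor_c 10.20.3.9 -
2025-03-01T09:02:10 LOGIN_OK doctor_c 10.20.3.9 -
2025-03-01T09:05:00 RECORD_VIEW clerk_b 10.20.2.7 P1001
2025-03-01T09:05:30 RECORD_VIEW clerk_b 10.20.2.7 P1002
2025-03-01T09:06:00 RECORD_VIEW clerk_b 10.20.2.7 P1003
2025-03-01T09:06:30 RECORD_VIEW clerk_b 10.20.2.7 P1004
2025-03-01T09:07:00 RECORD_VIEW clerk_b 10.20.2.7 P1005
2025-03-01T09:07:30 RECORD_VIEW clerk_b 10.20.2.7 P1006
2025-03-01T09:10:00 RECORD_VIEW doctor_c 10.20.3.9 P2001
2025-03-01T09:40:00 RECORD_VIEW doctor_c 10.20.3.9 P2002
"""


def parse_line(line):
    """Parse one audit-log line into a dict (assumed format above)."""
    ts, event, user, src, patient = line.split()
    return {"ts": datetime.fromisoformat(ts), "event": event,
            "user": user, "src": src, "patient": patient}


def detect(lines, fail_threshold=5, fail_window=timedelta(seconds=60),
           view_threshold=5, view_window=timedelta(minutes=10)):
    """Run both rules over the lines and return a list of alert tuples.

    Thresholds are assumed values; in practice they are tuned per role
    (a ward clerk legitimately opens more records than a GP).
    Each rule fires at most once per key so a long burst does not flood
    the analyst with duplicate alerts.
    """
    alerts = []
    fails = defaultdict(deque)   # (user, src) -> timestamps of recent failures
    views = defaultdict(deque)   # user -> (timestamp, patient) of recent views
    fired = set()                # (rule, key) pairs already alerted on

    for line in lines:
        if not line.strip():
            continue
        ev = parse_line(line)

        if ev["event"] == "LOGIN_FAIL":
            key = (ev["user"], ev["src"])
            window = fails[key]
            window.append(ev["ts"])
            # Drop failures older than the sliding window.
            while window and ev["ts"] - window[0] > fail_window:
                window.popleft()
            if len(window) >= fail_threshold and ("burst", key) not in fired:
                fired.add(("burst", key))
                alerts.append(("failed_login_burst", ev["user"], ev["src"], len(window)))

        elif ev["event"] == "RECORD_VIEW":
            window = views[ev["user"]]
            window.append((ev["ts"], ev["patient"]))
            while window and ev["ts"] - window[0][0] > view_window:
                window.popleft()
            # Count distinct patients, not raw views: re-opening the same
            # record repeatedly is normal clinical behaviour.
            distinct = {patient for _, patient in window}
            key = ev["user"]
            if len(distinct) >= view_threshold and ("bulk", key) not in fired:
                fired.add(("bulk", key))
                alerts.append(("bulk_record_access", ev["user"], ev["src"], len(distinct)))

    return alerts


def run_sample():
    """Evaluate the rules against the constructed sample log."""
    return detect(SAMPLE_LOG.splitlines())


if __name__ == "__main__":
    for alert in run_sample():
        print(alert)
```

Run against the sample log this yields one alert per rule: the failed-login burst for nurse_a and the bulk record access for clerk_b, while doctor_c's single failed login and two widely spaced record views stay below both thresholds. The point of the example is the shape of the logic, a sliding window keyed on the entity under suspicion with a threshold that reflects what "normal" looks like, which is what a SIEM rule encodes regardless of the product used to host it.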

Cyber threats evolve constantly, and regular testing is key to maintaining resilience. Healthcare organisations should conduct penetration testing at least twice a year to uncover system weaknesses, alongside IT health checks to assess overall cybersecurity readiness. Process audits must ensure compliance with industry best practices, including NCSC guidelines, ITIL, and ISO 27001 standards.

A sense of urgency

Ultimately, cybersecurity can’t be an afterthought. As the highly anticipated 10-year plan looks to accelerate the NHS’s shift from analogue to digital, the pace of transformation won’t slow down. With electronic patient records, remote patient monitoring, and AI-driven diagnostics becoming the norm, the NHS’s cyber exposure is only set to increase. Just as we trust banks to protect our money, we must ensure the NHS is equally equipped to protect our health data.

As the financial sector has embedded security into its culture, the NHS must prioritise a security-first mindset at every level, from frontline healthcare staff to IT teams and leadership. By taking a structured, multi-layered, and continuously evolving approach, NHS Trusts can safeguard patient data, maintain public confidence, and ensure the resilience of digital healthcare systems.
