Sunday 01 September 2024
Internal Reference Number: FOI_8067
Date Request Received: 26/07/2024 00:00:00
Date Request Replied To: 29/07/2024 00:00:00
This response was sent via: By Email
Request Summary: Interest in the cybersecurity of the UK government
Request Category: Private Individuals
| Question Number 1: How many cyber incidents (threat and breach) occurred in the last two years (1st of July 2022-1st of July 2024)? | |
| Answer To Question 1: Please see attached exemption notice. | |
| Question Number 2: For each of the following cyber incident types, please indicate if your organisation experienced them in any month from the 1st of July 2022- 1st of July 2024. If yes, specify the month(s) in which they occurred: · Phishing attacks: Yes/No. If yes, which month(s)? · Ransomware attacks: Yes/No. If yes, which month(s)? · Distributed Denial of Service (DDoS) attacks: Yes/No. If yes, which month(s)? · Data breaches: Yes/No. If yes, which month(s)? · Malware attacks: Yes/No. If yes, which month(s)? · Insider attacks: Yes/No. If yes, which month(s)? · Cloud security incidents: Yes/No. If yes, which month(s)? · Social engineering attacks (excluding phishing): Yes/No. If yes, which month(s)? · Zero-day exploits: Yes/No. If yes, which month(s) | |
| Answer To Question 2: Please see attached exemption notice. | |
| Question Number 3: For each of the following supplier types, please indicate if any cyber incidents related to them occurred between the 1st of July 2022-1st of July 2024. If yes, specify the volume of cyber incidents that occurred: · IT service providers: Yes/No · Medical equipment suppliers: Yes/No · Software vendors: Yes/No · Cloud service providers: Yes/No · Data storage/management companies: Yes/No · Telecommunications providers: Yes/No · Security service providers: Yes/No · Managed service providers (MSPs): Yes/No · Third-party payment processors: Yes/No | |
| Answer To Question 3: Please see attached exemption notice. | |
| Question Number 4: During the period from 1st of July 2022 -1st of July 2024, did your organisation experience any of the following impacts due to cyber incidents? · Were any appointments rescheduled due to cyber incidents? Yes/No · Was there any system downtime lasting more than 1 hour? Yes/No · Did any data breaches occur? Yes/No · Were any patients affected by data breaches? Yes/No | |
| Answer To Question 4: Please see attached exemption notice. | |
| Question Number 5: What percentage of your cybersecurity budget is allocated to each of the following supply chain security technologies? Please indicate the percentage for each: · Third-party risk assessment tools: ___% · Vendor management systems: ___% · Supply chain visibility and monitoring solutions: ___% · Secure data sharing platforms: ___% · Multi-factor authentication for supplier access: ___% · Endpoint detection and response (EDR) for supplier systems: ___% · API security solutions: ___% | |
| Answer To Question 5: Please see attached exemption notice. | |
| To return to the list of all the FOI requests please click here |
Our staff at Salisbury District Hospital have long been well regarded for the quality of care and treatment they provide for our patients and for their innovation, commitment and professionalism. This has been recognised in a wide range of achievements and it is reflected in our award of NHS Foundation Trust status. This is afforded to hospitals that provide the highest standards of care.
