Tuesday, 16 May 2017

Free cyber security training for the NHS

Yesterday's ransomware attack that infected so many trusts within the NHS was avoidable. There are complexities within that environment relating to updating software which I understand. Having said that though users are the first line of defence, as well as better filtering of emails before they arrive at users devices. I'm confident the patient data in the back end systems is safe. More can and should be done to prevent future attacks. Firebrand of course wants to help, training people quickly is the only reason we get out of bed in the morning.

Firebrand's cyber security portfolio of courses spans protection and detection as well as end user training. We are also unique in offering accelerated cyber security apprenticeships. As you probably know public organisations including the NHS need to have 2.3% of their staff on apprenticeship programs by 2020. A great way to spend their Apprenticeship Levy.

Firebrand would of course relish the opportunity of talking to any NHS trusts about cyber security training and apprenticeships. I appreciate this might seem like we're trying to profit from this situation. However I'm extremely proud of what Firebrand does. We've trained 65,000 people over 16 years. We've given them skills that make them better at their jobs or further their careers. I know what we teach on our courses makes businesses or government departments more secure, better prepared.

So I'm not going to apologise for this offer! We will give up to 10 NHS trusts one free cyber security course each in exchange for a meeting with a senior member of staff to discuss training and apprenticeships. We can bring a security expert with us if needed and we can explain the range of courses we offer and help you plan where you need skills. During the meeting we will figure out which free course you'll benefit most from. No strings other than agreeing to the meeting.

If you work for an NHS trust feel free to contact me via LinkedIn. The first 10 NHS trusts to contact me get the courses.

For background here's the video of my interview with BBC London News yesterday talking about what has happened at the NHS.




Friday, 12 May 2017

5 things you need to do after the NHS hack

NHS hospitals across England have been hit by a large scale cyber attack. A pop-up message demanding ransom in exchange for access to the infected machines.

NHS Digital said: “A number of NHS organisations have reported to NHS Digital that they have been affected by a ransomware attack which is affecting a number of different organisations".



Whilst it’s too late to stop the current hack, this is a wake-up call for all. In this post, we will identify the steps needed to secure your own information now and in the future.

This is what you need to do
Be wary of emails from the NHS:
 Now is the perfect time for cyber criminals to strike through a phishing attack. Avoid downloading or clicking links in any emails coming from NHS. Almost all malware is installed unknowingly by the victims themselves.

Change your passwords and security questions: Even if you haven't been hacked, change your password and security questions immediately. This is especially important if your email is connected in any way to your bank or a PayPal account.

Additionally, you should look to change the passwords in any other account that uses the same or similar security information. This ensures hackers cannot access other accounts through NHS information. It is also sensible to check your password recovery settings and ensure they have not been changed to a third party.

Avoid contacting your GP practice: Avoid contacting your GP practice unless absolutely necessary, your local pharmacy can provide free and fast advice for non-urgent conditions.

Update your security settings and run a security scan: This the time to make sure your computer is secure. Make sure you run a virus scan and have the most recent security updates on your operating system. If you don't have an anti-virus application, invest in a high-quality one like McAfee or Norton Antivirus. This is something you should be doing as best practice regardless of the issue.


Report it to the police: If you believe you have been hacked and are now the victim of identity theft or fraud, file a report with Action Fraud.

BBC report on Firebrand's police force cyber crime training

This morning, Firebrand Training’s unique Cyber Crime Pathways Programme featured on BBC Breakfast News.

The BBC covered an exclusive insight into how non-technical police officers are trained and skilled in the cyber security investigation and forensic techniques required to catch criminals.

The Cyber Crime Pathways Programme, delivered using our unique accelerated training approach, shows frontline police officers how to effectively respond to the rise in cyber crime across the UK.
Rory Cellan-Jones, the BBC’s leading technology reporter, watched as a team of police officers infiltrated a simulated hacker’s lair.

The high pressure scenario required the police to utilise their training to efficiently find hidden devices and collect the forensics evidence needed to identify the cyber criminal.

Interviewed on BBC, DC Steve Mersh said: “It’s a case of learning the practical skills that we can utilise, no different to a finding a gun at a crime scene that we can make safe from the public and attribute to the criminal”.



Missed it this morning?


Since the Cyber Crime Pathways Programme launched in 2014, Firebrand has trained 659 police officers across 80% of all police forces in the UK. Part of the 960 accelerated courses taken by police are hands-on, practical crime scene simulations like those featuring in the BBC programme.
At a time when you’re more likely to be a victim of a cyber crime than any other offence, the UK is dedicated to upskilling their force to combat this growing threat.

“Back in the day, the officers would simply turn up and literally just pull the electricity supply out of the back of the computer, bag it, tag it and send it away for a forensic investigation which could take months before they got back with anything meaningful” says Phil Chapman, Lead Cyber Security Instructor at Firebrand Training.

Phil continued: “We’re proud to provide accelerated cyber security training to local police forces across the UK. Cyber crime is one of the largest threats to businesses and consumers today - our police need the know-how to respond to this unique form of criminality.

“Firebrand has developed an amazing partnership with local police forces across the UK and we’re excited to share our ongoing work with the BBC.”

Get the skills you need, fast


It's not just the police force that need to prepare for the growing threats of cyber attacks. With two-thirds of large UK businesses the victim of a cyber attack in the past year, it's time you secured your business.

Get the cyber security skills you need to defend your organisation, fast. Choose from 50+ accelerated cyber security courses covering the full requirements of your business across technologies and disciplines.