Explaining his decision, Coles said: “I am very sorry not to be able to continue in my role at NHS Digital. I have enjoyed working with the very talented and passionate cybersecurity team at NHS Digital and seeing the commitment to improving cyber-resilience across the health and care system.”
NHS Digital CISO Resigns After Three Months
A memo circulated by NHS Digital’s deputy CEO, Rob Shaw, claims Coles’ departure was due to personal reasons.
The first chief information and security officer (CISO) for NHS Digital, Robert Coles, has resigned after just three months in the position.
A memo circulated by NHS Digital’s deputy CEO, Rob Shaw, reportedly claims Coles’ departure was due to personal reasons.
Shaw also told staff that the search for a replacement CISO would begin immediately.
“We have enjoyed working with Robert, and his resignation is accepted with great regret,” the memo reportedly read. “I would like to personally thank him for the passion he brought to the role and the early progress he has made in developing the system-wide cyber strategy.”
Coles joined NHS Digital in October 2018, having previously worked at GlaxoSmithKline in the same role. Coles also held similar roles at the National Grid and Merrill Lynch and will return to working as a cybersecurity consultant, the memo claimed.
His departure could deal a significant blow both to NHS Digital and efforts to improve cybersecurity standards across the NHS.
The role itself was created following recommendations by NHS England CIO Will Smart who underlined the need for greater cybersecurity standards in the wake of the 2017 WannaCry attack.
Nearly 20,000 operations and appointments were cancelled due to the ransomware attack, which severely disrupted NHS operations across the UK.
One-third of NHS England’s trusts were disrupted, with more than 600 primary care and various NHS organisations were infected by the ransomware.
This is estimated to have cost the health service more than £90 million. Significant losses were incurred due to staff being locked out of systems and unable to access critical information.
The NHS has reportedly spent £72 million – and rising – on extra IT support following the WannaCry attack.