Skip to main content
Business Operations
Back to News
Group

Cyber Resilience in Action: Building a Connected, Capable, and Committed Healthcare Cybersecurity Community.

On 17 June, the HSE CISO Office and voluntary hospitals representatives convened at the Richmond Education and Event Centre for the second Cybersecurity Community of Practice (CoP) event. These sessions are dedicated to sharing knowledge and experiences, collaboration and relationship building. The event focused on the cornerstone of our digital defence: Cyber Incident Management.

What unfolded was more than a technical exchange. It was a powerful demonstration of how far we’ve come as a cybersecurity community, and how aligned we are in our shared mission to protect healthcare.

A Strategic Shift: From Response to Resilience

The HSE’s journey since the 2021 Conti attack has been one of transformation. We’ve moved from reactive recovery to proactive resilience, embedding cybersecurity into the DNA of our operations. This event marked another milestone in that journey, bringing together cybersecurity professionals, hospital IT leaders, and national partners to strengthen our collective readiness.

NSD + CSIRT: A Unified Cyber Front

One of the most significant developments showcased was the strategic alignment between the HSE National Service Desk (NSD) and the CISO-led Computer Security Information Team (CSIRT). Through close collaboration between the CSIRT and NSD we’ve created a single, coordinated point of contact for cyber incident management, ensuring that frontline staff, technical responders, and executive leadership are working from the same playbook.

This isn’t just operational efficiency, it’s a model for how cyber and clinical priorities can converge to protect patient care.

National Collaboration in Practice

The CISO Office’s collaboration with the National Cyber Security Centre (NCSC) continues to deepen. The HealthCORE and Operations teams brought a national lens to the event, sharing insights into real-world incident response and the evolving threat landscape. Their walkthrough of a recent incident underscored the value of pre-established relationships, shared intelligence, and rapid decision-making.

This is the essence of cyber resilience: not just technology, but trust.

A Realistic Test of Readiness: Collaboration in Action

One of the most powerful moments of the Cybersecurity Community of Practice event was the simulated cyber incident exercise, a scenario designed to mirror the complexity, urgency, and ambiguity of a real-world attack on healthcare infrastructure.

What made this exercise so impactful was the depth and breadth of collaboration it showcased. With participation from 18 voluntary hospitals, the HSE National Service Desk, the HSE CISO-led CSIRT, and the National Cyber Security Centre (NCSC), we delivered a realistic, structured, and highly coordinated response to a simulated but comprehensive cyber-attack.

This wasn’t just a theoretical drill. It was a stark reminder of the 2021 Conti ransomware attack, an event that not only disrupted Ireland’s national health service but also sent shockwaves through the global healthcare sector. That incident exposed the fragility of digital health systems and underscored the human cost of cyber unpreparedness.

In contrast, what we witnessed during this exercise was a demonstration of professionalism, clarity, and cohesion:

  • The National Service Desk reinforced its role as a frontline sentinel, ensuring early threat identification and rapid escalation.
  • The CSIRT team brought structure, speed, and strategic oversight, aligning technical response with clinical priorities.
  • The NCSC’s involvement added a national dimension, offering threat intelligence, coordination insights, and reinforcing the value of pre-established trust between healthcare and state cyber authorities.
  • And the hospital technology and cybersecurity leaders brought grounded, operational perspectives, ensuring that every decision was rooted in the realities of patient care and service continuity.

This exercise wasn’t just about testing systems, it was about validating relationships, refining playbooks, and building the confidence to act decisively when it matters most.

Cyber resilience isn’t built in isolation. It’s forged through collaboration, trust, and shared purpose, and this was a masterclass in what that looks like in practice.

NIS2: Raising the Bar, Together

As we look ahead, the EU’s NIS2 Directive is a defining force in shaping our cybersecurity posture. It raises the bar for governance, risk management, and incident response, especially for essentiawl entities like the HSE. But more than a compliance obligation, NIS2 is an opportunity: to elevate our standards, strengthen our partnerships, and embed cybersecurity into every layer of healthcare delivery.

We are fully committed to aligning with NIS2, not just to meet regulatory expectations, but to lead by example in building a secure, resilient digital health ecosystem.

International Perspective: Kelly Hood on NIST CSF

The event concluded with a keynote presentation from Kelly Hood, an internationally recognised cybersecurity expert. We welcomed Kelly, who dialled in from her home in Maryland, USA. Her talk focused on the application of the NIST Cybersecurity Framework (CSF) in cyber incident management. Kelly’s insights into aligning incident response processes with the NIST CSF resonated strongly with the audience, offering a structured and globally recognised approach to improving cyber resilience.

Her presentation underscored the importance of continuous improvement, stakeholder engagement, and the integration of cybersecurity into broader organisational risk management strategies.

A Community of Purpose

As CISO of the HSE, I’m proud of the momentum we’re building. Events like this are not just milestones, they’re markers of a growing, connected community committed to safeguarding healthcare. We’re not just responding to threats, we’re shaping a future where cybersecurity is a foundation for trust, innovation, and care.

Because when it comes to cyber resilience, it truly takes a village, one built on shared responsibility, trust, and purpose.

Let’s keep building. Together.