Free tickets to the public & voluntary sectors
Discount code PSI-IGPP

How can we ensure the safety of our patients if our healthcare systems are vulnerable to relentless cyber attacks? 

The digital health landscape is under unprecedented strain. In 2025, the National Cyber Security Centre (NCSC) dealt with 204 “nationally significant” cyber-attacks, an average of four major incidents every week. The UK government has responded by proposing strengthened laws to improve cyber-defences for essential services, including healthcare. At the same time, recent news reports confirm actual data breaches affecting NHS organisations, underlining the reality behind the stats and reinforcing the urgency for action. 

Many NHS trusts and care providers continue to rely on legacy infrastructure and systems that are increasingly vulnerable in today’s threat environment. The rapid adoption of connected medical devices and cloud-based systems expands the attack surface, while evolving supply-chain and third-party risks raise exposure from external providers. Furthermore, uneven cyber maturity across organisations and gaps in incident preparedness leave health services vulnerable to disruption and data loss. 

The Institute of Government & Public Policy's Annual Cyber in Health Conference and Exhibition 2026 has been designed around the current cybersecurity challenges in the NHS, strategies for resilience, cultural transformation, innovations in cybersecurity, the importance of collaboration and learning, and the outlook on emerging trends and potential threats in healthcare cybersecurity.  

Join the Institute of Government & Public Policy for the Annual Cyber in Health Conference and Exhibition 2026, which will explore strategies for minimising cybersecurity risks for health and social care organisations, safeguarding patient, service user, and staff data, and implementing measures to ensure rapid recovery from cyber attacks.

Agenda for the day.

9:30am
Chairs Opening Remarks

9:40am
From Legislation to Frontline: Delivering the UK Cyber Security & Resilience Bill in Health and Social Care

• Understand the policy direction shaping healthcare cybersecurity.
• Examine accountability at Board and system level.
• Explore supply chain and third-party obligations.
• Identify priorities for implementation across regions.

10:00am
Cyber Threats, Legacy Systems & NHS Vulnerability

• Assess the current cyber threat landscape facing healthcare
• Understand the risks posed by legacy infrastructure
• Evaluate system-wide cyber maturity

10:20am
Main Stage Sponsor Speaking Session

10:40am
Question & Answers Session

11:00am
Break & Networking

11:30am
Panel Discussion: When the System Goes Down: Incident Response, Recovery & Clinical Impact
The panellists of this session will be discussing the real-world clinical and operational consequences of cyber incidents across health and care systems. Drawing on recent experience and regional insight, they will explore how system outages impact patient safety, elective recovery, diagnostics and emergency services, as well as the leadership pressures faced during live cyber events. The discussion will examine crisis governance, communication strategies, recovery planning and business continuity frameworks, while also addressing difficult questions around accountability, transparency and ethical decision-making in the midst of disruption.

12:10pm
Main Stage Sponsor Speaking Session

12:35pm
Lunch & Networking

1:35pm
Data Protection, Patient Safety & Public Trust in a Cyber-Volatile NHS

• Understand the regulatory expectations surrounding data protection
• Examine cyber security as a patient safety issue
• Explore public trust and transparency

2:00pm
Future-Proofing Healthcare: AI, Supply Chain & Secure-by-Design Innovation

• Understand emerging cyber risks linked to AI and digital innovation
• Evaluate supply chain security and assurance models
• Explore secure-by-design principles
• Identify strategic opportunities for innovation with resilience

2:25pm
Break & Networking

3:00pm
Panel Discussion: Building a Cyber-Ready NHS Workforce: Culture, Capability & Leadership Accountability
The panellists of this session will be discussing how the NHS can build a sustainable, cyber-ready workforce capable of responding to evolving digital threats. The conversation will explore leadership accountability at board level, current capability gaps across systems, and the challenges of embedding cyber awareness beyond IT departments into frontline clinical and operational teams. Panellists will debate how to move from compliance-driven approaches towards a culture of shared responsibility, ensuring cyber resilience becomes an organisational priority rather than a technical afterthought.

3:40pm
Chairs Closing Remarks

3:45pm
Close