3-Day Instructor-Led Programme
A practitioner programme for NHS and healthcare security professionals covering nation-state targeting, medical device vulnerabilities, DSPT and NCSC CAF alignment, and clinical incident response. Develop the skills to protect DICOM, PACS, and medical IoT systems, segment clinical networks effectively, and manage a ransomware incident in a live healthcare environment.
Duration
3 Days
Price
$3,495
Healthcare is explicitly targeted by nation-state actors including APT42, Charming Kitten, and IRGC-affiliated groups. Patient data, medical research, and the operational dependency of clinical services on connected technology make healthcare one of the most consequential targets in the critical infrastructure landscape. The WannaCry attack and the 2026 Stryker incident demonstrated that ransomware in healthcare directly affects patient safety, not just data confidentiality.
Over three mentor-led days, participants identify and mitigate the attack vectors most commonly used against healthcare, protect DICOM, PACS, and medical IoT systems against intrusion, apply DSPT and NCSC CAF to NHS environments, design clinical and administrative network segmentation, and develop incident response plans calibrated to clinical operational constraints.
The programme concludes with a tabletop exercise simulating a ransomware attack on a hospital network during active clinical operations, requiring participants to manage response, communicate with clinical leadership, and restore services under realistic time pressure. This course is aligned with NHS DSPT requirements, NCSC CAF for healthcare, and NHS cyber resilience standards.
Medical IoT and DICOM attack surface analysis exercises, NHS network segmentation design workshop, DSPT gap assessment practical, and a hospital ransomware tabletop capstone.
Practitioner-led analysis of Charming Kitten NHS targeting methodology, WannaCry NHS post-mortem, and DSPT compliance mapping with live commentary on the current healthcare threat landscape.
DSPT compliance implementation, NCSC CAF for healthcare, medical device security assessment, clinical network segmentation design, and incident response in patient-facing environments.
Identify and mitigate the attack vectors most commonly used against NHS and healthcare organisations.
Apply DSPT requirements and NCSC CAF outcomes to NHS operational environments in practice.
Protect DICOM, PACS, and medical IoT systems against nation-state and ransomware intrusion vectors.
Design clinical and administrative network segmentation appropriate to a complex NHS environment.
Design and test an incident response plan calibrated to the constraints of a live clinical environment.
Communicate cyber risk and incident status effectively to clinical, executive, and regulatory audiences.
Design a staff awareness programme that functions within NHS clinical workflow and shift constraints.
Professional experience in NHS IT, healthcare security, clinical informatics, or data protection.
Basic understanding of network security concepts including segmentation and access control.
Familiarity with the NHS operational environment and the constraints of clinical workflow.
Step-by-step learning journey from basics to professional practice
Master these in-demand skills through hands-on practice
A clear view of the roles this programme supports, what typically comes next, and where learners progress over time
Choose the learning format that works best for you and your team
Instructor-Led Training
Join live instructor-led sessions from anywhere. Interactive, engaging, and flexible.
Price per person
Group enrolments and early planning options available.
All prices are exclusive of VAT where applicable. Group enrolments and custom packages available on request.
Not everyone learns best in a group. If you want focused guidance, faster clarity, and confidence you can use on the job, our 1-to-1 Fast-Track Training gives you private, mentor-led support tailored to your experience and goals.
"Many learners choose 1-to-1 when they want understanding, not memorisation."
Everything you need to know about the certification exams
You will receive an Xcademia certificate of completion based on participation and successful completion of labs and scenario simulations.
Everything you need to know about this course
Yes. While the programme uses NHS frameworks including DSPT and NCSC CAF for healthcare, the threat actor content, medical device security, and incident response material apply equally to private sector healthcare organisations.
Take the next step in your professional development