National Security Operations Centre

The National Security Operations Centre (SOC) for NHS Scotland provides a range of security monitoring and response capabilities for our national services and across all health boards in Scotland.

How Security Operations Centre can help

Security monitoring and response

We identify and respond to potential threats using tools such as:

• Windows Advanced Threat Protection (ATP)
• Security Information and Event Management (SIEM)
• Vulnerability scanners
• NCSC Active Cyber Defence.

Alert investigation

Our analysts review alerts from a range of sources. We work with health boards across NHS Scotland as well as suppliers, security partners and NHS Digital (England) to resolve issues.

Security collaboration

The SOC works with security peers in partnership and external organisations to respond to threats. We run a national public sector security operations centre leaders group in Scotland. The SOC also works with National Cyber Security Centre (NCSC) analysts on a daily basis to dig deeper into threats that could impact NHS Scotland.

Incident handling

When an incident does occur, we are ready to provide prioritised actions to help health boards tackle the threat. These include:

• Tracking and tracing affected infrastructure
• Real time configuration to contain or address incidents
• Engaging expert support, such as digital forensic expertise, from third parties.

Get in touch

Contact the National Security Operations Centre at nss.infosecurity@nhs.scot or call 0131 275 6000.

Our address is: