NHS' first cyber chief resigns after three months

A memo to staff at NHS Digital, seen by HSJ, shows that Robert Coles, the organisation’s first chief information security officer, has resigned. He would return to working as an independent cyber security consultant “in the coming months”, the memo added.

In the memo, NHS Digital deputy chief executive Rob Shaw said the resignation was “due to personal reasons which mean that he [Mr Coles] is no longer able to continue in his role”.

Mr Shaw continued: “We have enjoyed working with Robert, and his resignation is accepted with great regret. I would like to personally thank him for the passion he brought to the role and the early progress he has made in developing the system-wide cyber strategy.”

Mr Coles started in the role on 1 October and has previously held similar roles at GlaxoSmithKline, the National Grid and Merrill Lynch. NHS Digital has national responsibility for monitoring and assessing cyber threats to the NHS.

A review into the NHS response to the 2017 WannaCry cyber attack criticised, among other things, the coordination of NHS central bodies and recommended the creation of Mr Coles’ role partly to address this shortfall. 

In the memo, Mr Coles said: “I am very sorry not to be able to continue in my role at NHS Digital. I have enjoyed working with the very talented and passionate cyber security team at NHS Digital and seeing the commitment to improving cyber resilience across the health and care system.”

Mr Shaw said recruitment for a replacement for Mr Coles would start immediately.