When people think about ransomware, they usually picture malicious software, criminal gangs and technical countermeasures. Patching, backups and multi-factor authentication all matter, but recent moves by the UK’s National Health Service suggest that healthcare organisations are beginning to focus on a more fundamental problem, that of supplier risk. In May 2025, NHS England warned suppliers
