About Advanced Threat Protection programme
This programme has been developed in partnership with NHS Digital, with the aim to upskill NHS administrators to use the Microsoft Advanced Threat Protection (ATP) service. This new service, purchased centrally by the Department of Health and Social Care, is for the benefit of local NHS organisations and the NHS as a whole. It is part of a broader portfolio of data and cyber security services managed by NHS Digital.
ATP monitors telemetry generated by Windows 10 and Windows Server 2019 as well as previous Windows versions via the Microsoft Monitoring Agent. This telemetry is sent to a central collector where algorithms are used to look for any abnormal operating behaviour. If an abnormality is discovered alerts are generated in the ATP Portal for review by the nominated ATP Administrators. Additionally, ATP can be configured to send alert notifications by email. ATP can be configured automatically, on a per organisation basis, to isolate a machine to stop any malware infection spreading.
Administrators across the NHS need to be upskilled in using ATP’s features and its dashboards so they can improve their organisational resilience to cyber security threats.
The following sessions are available:
1. Introduction to ATP
2. Threat Analytics
3. Threat and Vulnerability Management
4. Understanding Alerts and Incidents
5. Managing ATP Incidents and Alerts
6.Using Power BI to Access ATP’s Reporting APIs
Further sessions are planned in the future.
Meet the team
Alex Drinkall
HEE elfh Stakeholder Manager
Andi Blackmore
Programme Manager, HEE elearning for healthcare
Andy Summers
Service Lead (Advanced Threat Protection)
Geoff Young
Microsoft Defender Advanced Threat Protection Specialist, NHS DigitalJohn McGhie
Service Lead Live Services, NHS DigitalLeanne Hargreaves
HEE elfh Stakeholder OfficerPete Dyke
Program Head, Windows 10 and Advanced Threat Protection, NHS DigitalSarah Murphy
Cyber Security Engagement Senior Project ManagerSimon Dyson
Cyber Security Operations Centre – Lead
Vanessa Tregunna
Learning Designer, HEE elearning for healthcare
How to access
In order to access the Advanced Threat Protection programme, you will need an elfh account. If you do not have one, then you can register by selecting the Register button below.
To view the Advanced Threat Protection programme, select the View button below. If you already have an account with elfh, you will also be able to login and enrol on the programme from the View button.
Not an NHS organisation?
If you are not an NHS health or care organisation and therefore do not qualify for free access elfh Hub, you may be able to access the service by creating an OpenAthens account.
To check whether or not you qualify for free access via OpenAthens, you can view the eligibility criteria and register on the ‘OpenAthens’ portal.
Registering large numbers of users
If you are a HR, IT or Practice Manager and would like to register and enrol large numbers of staff within your organisation for access onto the Advanced Threat Protection programme, please contact elfh directly.
Organisations wishing to use their own LMS
For HR departments wanting to know more about gaining access to courses using an existing Learning Management System please contact elfh directly to express interest.
More information
Please select the following link for more information on how to use the elfh Hub.