Robert Coles, appointed as CISO at NHS Digital three months ago, has stepped down from the role, according to media reports.
Coles was appointed in September 2018 as the NHS’s first ever CISO after the position was created in response to the WannaCry attack in 2016. He took up the position on 1 October.
The creation of a CISO role for NHS Digital was one of the ‘lessons learned’ from WannaCry, highlighted in a report into the incident.
The announcement was made in an email to staff in which deputy chief executive Rob Shaw said that Coles was stepping down for "personal reasons" and that he had accepted his resignation "with great regret".
"I am very sorry not to be able to continue in my role at NHS Digital," Coles said. "I have enjoyed working with the very talented and passionate cyber security team at NHS Digital and seeing the commitment to improving cyber resilience across the health and care system. I wish everyone involved in building greater cyber resilience in the NHS the very best as they take this critical work forward."
Coles’ responsibilities were to devise a cyber-security strategy for NHS Digital and coordinate responses to security incidents.
He has a career spanning 30 years in information security including most recently four years at GlaxoSmithKline. Prior to that he worked for the National Grid and Merrill Lynch.