Lessons from Synnovis: Responding to a cyber security attack

In June 2024, a ransomware attack on pathology provider Synnovis, severely disrupted clinical services across London for months, impacting the diagnosis and treatment of thousands of patients. In response to the attack NHS London declared a regional incident, working with neighbouring providers and national partners to manage disruption. 

The Synnovis incident – and the response of NHS digital leaders – is a fascinating case study in crisis management with lessons for all leaders. At Rewired 2025, Denis Lafitte, CIO at King’s College Hospital and Guys’ and St Thomas NHS FT will lead a deep-dive session, discussing the trust’s response and the lessons learned from surviving the Synnovis cyber-attack. 

The full scale of the attack – and its impact on services – unfolded rapidly, requiring clear communication and immediate action from digital leaders. In his session, Lafitte will take us inside the incident room, describing why NHS digital leaders must act decisively during a major incident – maintaining service delivery and minimising the impact on patients. 

As pathology services return to normal, Lafitte can reflect on the experience and share valuable insights into their response – as well as their planning and preparation for future potential attacks. 

Lafitte has worked as CIO at King’s College Hospital and Guys’ and St Thomas NHS FT since 2022, after previously serving as CDIO. A highly skilled digital technology and transformation leader, as well as several NHS posts, Lafitte has worked as head of digital transformation at Spire Healthcare Group. 

Lafitte’s session will take place on 18 March 2025, 12:15 on the Cyber Security and Infrastructure Stage. Other highlights from the stage include NHS cyber chief Mike Fell’s keynote, panel session on multi-disciplinary approach to cyber incidents and a fireside chat pitting NHS CISOs vs a blue hat hacker.