𝐓𝐡𝐞 𝐔𝐊’𝐬 𝐧𝐞𝐰 𝐫𝐚𝐧𝐬𝐨𝐦𝐰𝐚𝐫𝐞 𝐩𝐨𝐥𝐢𝐜𝐲 𝐢𝐬𝐧’𝐭 𝐣𝐮𝐬𝐭 𝐚 𝐜𝐫𝐚𝐜𝐤𝐝𝐨𝐰n

Caute_cautim — Thu, 24 Jul 2025 00:31:51 GMT

Hi All

An interesting paper from the UK Home Office on a new ransomware policy:

Ransomware legislative proposals

Executive Summary
Overview
In the UK, ransomware is considered the greatest of all serious and organised cyber crime
threats and is deemed as a risk to the UK’s national security by the National Crime Agency
(NCA) and the National Cyber Security Centre (NCSC)1.

In January 2025, the Home Office launched a consultation on a package of proposals to
reduce the threat that ransomware poses to the UK economy. Alongside the consultation,
significant stakeholder engagement took place. The three proposals that were consulted
on are:

1. A targeted ban on ransomware payments for owners and operators of regulated-
critical national infrastructure and the public sector.
2. A ransomware payment prevention regime.
3. A mandatory incident reporting regime.
If progressed, this package of proposals would be the first specific measures in UK law to
counter ransomware.

Regards

Caute_cautim

topic 𝐓𝐡𝐞 𝐔𝐊’𝐬 𝐧𝐞𝐰 𝐫𝐚𝐧𝐬𝐨𝐦𝐰𝐚𝐫𝐞 𝐩𝐨𝐥𝐢𝐜𝐲 𝐢𝐬𝐧’𝐭 𝐣𝐮𝐬𝐭 𝐚 𝐜𝐫𝐚𝐜𝐤𝐝𝐨𝐰n in Governance, Risk, Compliance

𝐓𝐡𝐞 𝐔𝐊’𝐬 𝐧𝐞𝐰 𝐫𝐚𝐧𝐬𝐨𝐦𝐰𝐚𝐫𝐞 𝐩𝐨𝐥𝐢𝐜𝐲 𝐢𝐬𝐧’𝐭 𝐣𝐮𝐬𝐭 𝐚 𝐜𝐫𝐚𝐜𝐤𝐝𝐨𝐰n