SMEs need strong security to support the ransomware payment ban - Espria

New measures to curb the payment of ransoms by critical services signal a strong stance against cybercrime.

The UK government is poised to implement stringent measures against ransomware, specifically targeting crucial public services such as the NHS, local councils, and schools. A public consultation, which garnered support from almost 75% of respondents, has paved the way for these regulations, aiming to make paying ransoms illegal for these entities. Moreover, private businesses will need to report all cyberattacks and inform the government if they intend to pay a ransom.

This initiative seeks to dismantle the financial incentives driving cybercriminals by turning essential services into unprofitable targets. These policies are heralded as a significant step in fortifying national security and minimising disruptions to vital services and businesses.

Brian Sibley, Virtual CTO at Espria, stresses the importance of organisational support, stating businesses should deter cyber actors by implementing comprehensive security strategies and staff training. He emphasises cutting off the ransom "business model" at its core, a sentiment echoed by significant public backing and investigative coverage revealing the severe impacts of such attacks.

The National Cyber Security Centre advocates preventing attacks rather than responding post-incident. Sibley advises investing in robust systems, specialist training, and regular threat assessments for both large entities and SMEs to enhance security. He notes the potential for overnight disruption from ransomware, with lasting reputational and legal damage, highlighting the necessity for these precautions regardless of budget.

On the evolving role of cyber insurance, Sibley observes it becoming a compliance prerequisite, with insurers taking up quasi-regulatory functions in cybersecurity oversight. He recommends adopting frameworks like Cyber Essentials and maintaining compliance with ISO 27001 as tangible steps businesses can take.

Proactive security monitoring tools are vital, he explains, especially for smaller businesses reliant on managed service partners for advanced security solutions. Testing recovery strategies, including immutable backups, is crucial to ensure business continuity post-attack.

Sibley concludes with a clarion call for all organisations to enhance their security posture. In the current threat landscape, complacency isn't an option. Every organisation must strive for resilience and security.
