Exploring the UK’s Ransomware Legislative Proposals

Exploring the UK’s Ransomware Legislative Proposals

On March 26, IST and the Ransomware Task Force hosted an in-depth discussion on the UK’s government recent open consultation on ransomware. The conversation focused on the UK's 3 proposals, all of which suggest significant changes to how ransomware incidents are reported and how ransomware payments are regulated: Proposal 1: A targeted ban on ransomware payments by all public sector bodies and regulated owners/operators of Critical National Infrastructure. Proposal 2: A broader ransomware payment prevention regime covering all potential payment originating from the UK. Proposal 3: A mandatory ransomware reporting regime, potentially including threshold-based reporting for suspected incidents. IST Adjunct Senior Policy Advisor and RTF Co-Chair Jen Ellis, Royal United Services Institute Research Fellow in Cyber Threats and Cyber Security Jamie MacColl, and IST Senior Director for Preparedness and Response Michael Klein joined a panel discussion about the practical and policy implications of these proposals.