Intelligent CIO Europe Issue 93 | Page 28

INTELLIGENT TECHNOLOGY: CYBERSECURITY

UK leads crackdown on cybercriminals with new ransomware payment ban plans

Following strong support in a public consultation, the UK government is advancing new measures to ban ransomware payments across the public sector and improve incident reporting and resilience.

The UK government is ready to ban public sector bodies and operators of critical national infrastructure – including the NHS, local councils and schools – from paying ransomware demands, with nearly three quarters of consultation respondents showing support.

The proposals are part of the government’s Plan for Change to defend businesses, services and infrastructure against cyberthreats to better protect the public.
Under the proposals, businesses not covered by the ban would be required to notify the government of any intent to pay a ransom. The government could then provide those businesses with advice and support, including notifying them if any such payment would risk breaking the law by sending money to sanctioned cybercriminal groups.
Mandatory reporting is also being developed, which would equip law enforcement with essential intelligence to hunt down perpetrators and disrupt their activities, allowing for better support for victims. Consultation responses showed strong support for a new mandatory reporting regime to better protect British organisations and industry.
The UK government pitches the new package of measures as ‘leading the way’ in tackling ransomware, following an extensive consultation with stakeholders which showed strong public backing for tougher action to protect vital services.
UK Security Minister Dan Jarvis said: “By working in partnership with industry to advance these measures, we are sending a clear signal that the UK is united in the fight against ransomware.”
In addition to the proposed new measures, the UK government continues to urge organisations across the country to strengthen their ability to maintain operations in the event of a successful ransomware attack. This includes having offline backups, tested plans to operate without IT for an extended period and a well-rehearsed strategy for restoring systems from backups.
Recent attacks have exposed the alarming vulnerability at the core of UK public and private institutions, from flagship retailers and essential supermarkets to NHS hospitals.
UK National Cybersecurity Centre Director of National Resilience Jonathon Ellison said: “Ransomware remains a serious and evolving threat, and organisations must not become complacent. All businesses should strengthen their defences and be prepared to respond to incidents, recover quickly and maintain continuity if the worst happens.”
Matt Cooke, Cybersecurity Strategist, Proofpoint, said: “Ultimately, what we’ve got is cybercrime, which is fuelled by money. Whilst that money is readily available, cybercrime will continue in the same way as every other crime on the street. That’s why the government’s new plan to ban ransomware payments for our critical services and public bodies is such a vital step. The big challenge, though, is that ransomware generally starts with a person in an organisation being targeted. It wouldn’t be hard for someone to find your email address and target you.
“We need to tackle that challenge on two fronts: making it harder for attackers to get in and ensuring ransomware payments dry up.”