UK leaders back ransomware bans but most would break rules
Research from Commvault has shown that 75% of UK business leaders would risk breaking a proposed ransomware payment ban for the private sector if it were the only way to save their organisation, despite widespread support for the principle of such a ban.
The survey, conducted by Censuswide on behalf of Commvault, sampled 1,000 leaders from UK companies with revenues exceeding £100 million. The findings expose a disconnect between theoretical support for stricter ransomware regulations and the practical decisions leaders might make during a cyber crisis.
Support versus action
According to the data, support for restrictions on ransomware payments in the private sector is high, with 99% of respondents in favour of a ban, surpassing the 94% supporting a ban in the public sector. Among those in favour, 34% believe that a ban would prompt greater government intervention and support in enhancing cyber resilience. A further 33% expressed that a ban could decrease the prevalence of ransomware attacks by removing financial incentives for attackers.
Despite this support, the survey indicates that in a real-world situation, compliance with such a ban would be limited. Only 10% of business leaders said they would definitely comply with a private-sector ban if their organisation were attacked. An additional 15% said they would be neither likely nor unlikely to comply, pointing to significant uncertainty about enforcement and corporate behaviour under pressure.
Current government proposals target public sector organisations and operators of critical national infrastructure (CNI), including institutions such as schools, NHS trusts, local authorities, and utility providers. These entities would be legally prohibited from paying ransoms to cyber criminals. Private sector organisations not covered by the ban would be required to notify the government of any intent to pay, after which the authorities would inform them if the payment risked breaking laws related to sanctions or terrorist financing.
Persistent threat landscape
The issue is underscored by figures from the UK Government's Cyber Security Breaches Survey 2025, which reported that 43% of UK businesses - an estimated 612,000 organisations - experienced some form of cyber breach or attack in the previous 12 months.
This prevalence is driving companies to prioritise cyber preparedness. According to the research, 98% of respondents identified cyber readiness and recovery as a top spending priority moving forward. The survey points to a shift in focus from reactive payments to prevention and rapid recovery capabilities, which are increasingly recognised as critical to business continuity and resilience.
The toll of cyber incidents is significant. The average recovery time following an attack was reported at 24 days, with substantial financial implications for large firms and a risk of bankruptcy for smaller entities. This underscores the need for businesses to invest in preparedness and to have robust plans for recovery in place.
Expert perspectives
"Paying a ransom rarely guarantees recovery and often increases the likelihood of being targeted again. A well-enforced ban could help take the profit out of ransomware, but it must be matched by greater investment in prevention, detection, and recovery-testing. Without that, more organisations could find themselves exposed at the worst possible moment, with no viable path to recovery," said Darren Thomson, Field CTO EMEAI at Commvault.
Jane Frankland, MBE, CEO of Knewstart, also commented on the persistence of ransomware threats and the necessity for organisational resilience, stating:
Ransomware and cyberattacks will be a concern for a long time, as international cyber gangs make huge profits from them and use these resources to continually develop their attack tools. To break this cycle, companies must better prepare for emergencies and strengthen their cyber resilience. This will allow them to maintain operations and continue to serve customers during a cyber incident.
Methodology
The research was conducted by Censuswide according to Market Research Society standards, reflecting the views of senior leaders including CEOs, COOs, CFOs, CTOs, CIOs, CISOs, Chief Marketing Officers, Chief People Officers, Chief Sustainability Officers, Chief Compliance Officers, Chief ESG Officers, and Chief Trust Officers. The data was collected in early June 2025.