UK to Introduce New Law Mandating Businesses to Disclose All Ransomware Attacks
Mike Sanders / 10 months ago
While ransomware is a sad modern reality (and risk) for both businesses and individuals, for the former it’s particularly tempting, wherever possible, to not actually disclose to the public when they have been the victim of a cyber security attack. In fact, with many cyber security insurance policies offering to just pay whatever ransomware fee necessary, in many respects hushing up such incidents can be both convenient and easy.
Following a report via TheRecord, however, the UK is set to introduce a new law which will ultimately require any business subjected to a ransomware attack to publically disclose the incident or potentially face fines of up to £17M.
UK to Crack Down on Ransomware Cover-Ups!
The new law would specifically look to target MSPs (managed service providers) but will essentially try to stop what we suspect are alarmingly high instances of businesses simply paying ransomware fees and then quietly hushing the matter up. And make no bones about it, this happens a lot as only last month information appeared online showing that cyber security insurance premiums were doubling each year due to payments being issued to these criminal organisations to stop the leak of sensitive information.
With this new law, however, all ransomware attacks will have to be publically declared, and more so, failure to do so will result in either the MSP or business being hit with anything up to a £17M fine!
The overall hope, from a general consumer level, is that with ransomware attacks having to be declared, this will (hopefully) prevent businesses from not only attempting to protect their public image by paying the fee and keeping their mouths shut, but also their efforts to hide when their potentially incredibly sensitive data (such as information on its customers) may have been compromised. – And a side bonus, of course, is that with such declarations having to be made, this may stop them from, you know, actually paying the ransomware criminals.
I mean, to me, this is literally the definition of feeding the beast that’s trying to kill you!
What do you think though? – Let us know in the comments!