techUK response to the Home Office Ransomware Consultation

techUK welcomes and shares the government's ambition to ensure the UK is better protected against ransomware and recognise the serious threat it poses to organisations and the wider economy. The cyber threat landscape and particularly the ransomware ecosystem is evolving to become increasingly complex and professionalised, and it targets all parts of the UK and global economies.

However, techUK and its members expressed concern that any guidance or framework would need to be carefully designed to avoid further burdening victims of ransomware attacks and prevent any unintended consequences.

In our response, we outlined how a full implementation of the proposals could have the following impact on the sector:

• Potential duplication of efforts and compliance if these proposals are not aligned to the Cyber Resilience and Security Bill, among other government strategies.
• Placing an undue burden on the victim of an attack. Members feel strongly that victims needs support not punishment.
• Banning payments could inadvertently push ransomware transactions underground, reduce visibility into cyber criminal and/or shifting attacks to other sectors outside UK CNI and Public Sector, such as Manufacturing which contribute significantly to the UK economy or further down the supply chain.
• A blanket approach could create disproportionate challenges for particular groups that may lack the resources or expertise to comply.

Some high-level points and recommendations include:

• techUK and members disagreed with that the government should implement a targeted ban on ransomware payments on CNI and public sector, highlighting the points above as key challenges to it's implementation.
• Non-compliance of a ban could lead to criminalising a victim of a crime. techUK and members find any such initiative counterproductive to the government's own resilience agenda which fails to address the root cause.
• The current voluntary ransomware incident reporting regime should continue to be used with a more structured approach which ensures organisations see the value in reporting, rather than perceiving it as an additional regulatory burden.
• The government should create a 'one stop shop' for reporting of an incident and outline the clear next steps a business should take if they are the victim of an attack. This would help to incentivise incident reporting. 
• The government should share anonymised threat intelligence using data gathered from incident reporting, this should be shared with organisations to support their understanding of the threat landscape and further incentives compliance with reporting regimes.

Read our full response here.

Cyber Resilience Programme activities

techUK brings together key players across the cyber security sector to promote leading-edge UK capabilities, build networks and grow the sector. techUK members have the opportunity to network, share ideas and collaborate, enabling the industry as a whole to address common challenges and opportunities together. Visit the programme page here.

Voting Open: techUK Cyber Resilience Committee and Cyber SME Forum

Voting is now open for a position on the Cyber Resilience Committee 2025-2027. Voting is also open for the Chair and Vice Chair of the Cyber SME Forum.

Click here to find out more

The critical role of observability in powering energy and utilities: A webinar sponsored by Elastic, Microsoft and Kyndryl.

Join techUK, Elastic, Microsoft and Kyndryl for this insightful webinar to find out how AI and modern cloud improve operational efficiencies, using mature solutions of IT and OT to drive innovation and the associated layers of complexity and increased risks.

Join the conversation here.

Government launches consultation on proposed legislation to address the threat of ransomware

The Home Office is seeking views on proposals to address the threat of ransomware.

Click here to find out more information

 

Upcoming events

23 – 24 April 2025

UK Cyber Week 2025

London Partner event

23 April 2025

techUK member briefing with DSIT on the Cyber Security and Resilience Bill 3

London and online Market briefing

24 April 2025

Building cyber resilience: Through people and skills

Online Webinar

Latest news and insights 

11 Apr 2025

techUK response to the Home Office Ransomware Consultation

11 Apr 2025

Results of techUK Cyber Resilience Programme elections announced – 2025 – 2027

08 Apr 2025

Government publishes Cyber Governance Code of Practice

President's Awards 2025 - Nominations Open!

Do you have a trailblazer in your team? Do you work with an innovator or a problem solver? Do you have an inspirational colleague who deserves the spotlight for their work? The President’s Awards are back for 2025 and open for nominations. All techUK members are encouraged to nominate one colleague.

Learn more and nominate

Learn more and get involved

 

Cyber Resilience updates

Sign-up to get the latest updates and opportunities from our Cyber Resilience programme.

 

 

Here are the five reasons you should join the Cyber Resilience programme.

Learn about the value members get from our work

Download

Join techUK groups

techUK members can get involved in our work by joining our groups, and stay up to date with the latest meetings and opportunities in the programme.

Learn more

 

Become a techUK member

Our members develop strong networks, build meaningful partnerships and grow their businesses as we all work together to create a thriving environment where industry, government and stakeholders come together to realise the positive outcomes tech can deliver.

Learn more

 Meet the team 

Jill Broom

Head of Cyber Resilience, techUK

Jill leads the techUK Cyber Security programme, having originally joined techUK in October 2020 as a Programme Manager for the Cyber and Central Government programmes. She is responsible for managing techUK's work across the cyber security ecosystem, bringing industry together with key stakeholders across the public and private sectors. Jill also provides the industry secretariat for the Cyber Growth Partnership, the industry and government conduit for supporting the growth of the sector. A key focus of her work is to strengthen the public–private partnership across cyber to support further development of UK cyber security and resilience policy.

Before joining techUK, Jill worked as a Senior Caseworker for an MP, advocating for local communities, businesses and individuals, so she is particularly committed to techUK’s vision of harnessing the power of technology to improve people’s lives. Jill is also an experienced editorial professional and has delivered copyediting and writing services for public-body and SME clients as well as publishers.

Email:

[email protected]

Website:

www.techuk.org/

LinkedIn:

https://www.linkedin.com/in/jill-broom-19aa824

Read lessmore

Annie Collings

Programme Manager, Cyber Resilience, techUK

Annie is the Programme Manager for Cyber Resilience at techUK. She first joined as the Programme Manager for Cyber Security and Central Government in September 2023. 

In her role, Annie supports the Cyber Security SME Forum, engaging regularly with key government and industry stakeholders to advance the growth and development of SMEs in the cyber sector. Annie also coordinates events, engages with policy makers and represents techUK at a number of cyber security events.

Before joining techUK, Annie was an Account Manager at a specialist healthcare agency, where she provided public affairs support to a wide range of medical technology clients. She also gained experience as an intern in both an MP’s constituency office and with the Association of Independent Professionals and the Self-Employed. Annie holds a degree in International Relations from Nottingham Trent University.

Email:

[email protected]

Twitter:

anniecollings24

LinkedIn:

https://www.linkedin.com/in/annie-collings-270150158/

Read lessmore

Tracy Modha

Programme Marketing Assistant for Public Sector Markets, techUK

Tracy supports the marketing of several areas at techUK, including Cyber Exchange, Central Government, Cyber Resilience, Defence, Education, Health and Social Care, Justice and Emergency Services, Local Public Services, Nations and Regions and National Security.

Tracy joined techUK in March 2022, having worked in the education sector for 19 years, covering administration, research project support, IT support and event/training support. My most outstanding achievement has been running three very successful international conferences and over 300 training courses booked all over the globe!

Tracy has a great interest in tech. Gaming and computing have been a big part of her life, and now electric cars are an exciting look at the future. She has warmed to Alexa, even though it can sometimes be sassy!

Email:

[email protected]

Phone:

02073312000

Website:

www.techuk.org

LinkedIn:

https://www.linkedin.com/in/tracymodha83

Read lessmore