Header image

NCSC and Insurance Associations Join Forces to Battle Ransomware Payments


The National Cyber Security Centre (NCSC) has joined forces with insurance associations in an effort to stop ransomware payments to cyber-criminals.

The Association of British Insurers (ABI), British Insurance Brokers’ Association (BIBA) and International Underwriting Association (IUA) have offered joint guidance in an effort to undermine the profitability of the ransom business model.

The Guidance for organisations considering payment in ransomware incidents sets out recommendations that aim to empower organisations and associated third parties to make informed decisions when faced with ransomware, and ultimately help minimise the disruption and cost of an incident.

This includes considerations about the thorough assessment of business impact, reporting protocols, and where to access sources of support. 

NCSC’s acting CEO Felicity Oswald said it was “really encouraging to see all corners of the insurance industry unite to support victim organisations with guidance that will help them to better understand their options and reduce harm and disruption to their businesses.”

She said that the NCSC does not encourage, endorse or condone paying ransoms, and it’s a dangerous misconception that doing so will make an incident go away or free victims of any future headaches.

“This cross-sector initiative is an excellent next step in foiling the ransom business model: we’re proud to support work that will see cyber criminals’ wallets emptier and UK organisations more resilient,” she said.

Former NCSC CEO Ciaran Martin recently called for a ban on ransomware payments, saying there needs to be a better support network for affected companies. 

The View from the Insurers

 Helen Dalziel, director of public policy at the IUA, said the payment of ransoms in response to cyber-attacks is on a downward trend globally. “Businesses are realising that there are alternative options and this guidance further illustrates how firms can improve their operational resilience to resist criminal demands.”

The joint guidance robustly addresses parliamentary recommendations made in December by the Joint Committee on the National Security Strategy (JCNSS) which called for “more detailed”, accessible guidance “on how best to avoid the payment of ransoms after an attack.”

In its report, JCNSS acknowledges that cyber insurance could provide “a vital lifeline for ransomware victims”, with this guidance deepening the important role the insurance industry can play as convenors of the incident response to help boost organisations’ resilience against ransomware.


Dan Raywood
Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.

Dan Raywood
Dan Raywood Senior Editor SC Media UK

Dan Raywood is a B2B journalist with more than 20 years of experience, including covering cybersecurity for the past 16 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.

He has spoken at events including 44CON, Infosecurity Europe, RANT Conference, BSides Scotland, Steelcon and ESET Security Days.

Outside work, Dan enjoys supporting Tottenham Hotspur, managing mischievous cats, and sampling craft beers.

Upcoming Events

No events found.