CyXcel-RUSI Collaboration on UK Ransomware Legislative Proposals

The UK government is currently conducting a consultation on a set of proposals to reduce the impact of ransomware on the national economy.
The proposals include:
- a targeted ban on ransomware payments for all public sector bodies and regulated providers of Critical National Infrastructure;
- an authorisation system for ransomware payments; and
- a mandatory reporting regime for ransomware incidents.
If enacted, the proposals would constitute a significant intervention by the UK government and go much farther than any other government in attempting to disrupt the ransomware business model.

To discuss the potential impact of the proposals on threat actors and their targets, RUSI convened a panel of experts on 3 April 2025. CyXcel’s CEO Edward Lewis, who has been a part of these policy discussions from the start, also spoke on the panel.
The panel addressed the rise in ransomware attacks as the main driving force behind the government proposal and the challenges of traditional law enforcement approaches.
Key issues covered included:
• the need for government responsibility and action;
• the pros and cons of banning ransom payments in certain sectors; and
• the need to integrate the new proposals into other cybersecurity laws.
The discussion also covered the creation of a dedicated unit for victim requests, mandatory reporting regimes, and the importance of international collaboration. Emphasis was placed on supporting SMEs, ensuring resilience, and the effective use of government funds in tackling cybercrime.
A recording of the full panel discussion is available on YouTube here.
CyXcel’s Thomas Barrett, Jack Horlock, Edward Lewis and Anthony Rance also examined the UK’s evolving ransomware legislation in a RUSI Commentary: “Ransomware: The Final Frontier”.
In the commentary, they argue that bold, decisive action is clearly needed – and the UK deserves credit for moving first. But being first brings risk. If the UK becomes a proving ground for RaaS retaliation, it must be ready for the consequences.
There is no one-size-fits-all fix for ransomware. But by combining ambition with nuance, and enforcement with support, the UK can set a powerful global example. The key is to move fast – but not alone, and not without a safety net for those left more exposed.
The commentary is available on the RUSI website here:
We can help
CyXcel is an NCSC Cyber Incident Response (CIR) Approved Provider. We support our clients with every aspect of incident management and digital forensics to ensure business continuity and swift recovery.
We also offer tailored recommendations to enhance security measures, update incident response plans, and provide staff training based on the incident. Our approach helps the organization not only recover effectively but also strengthen its overall cybersecurity posture for future resilience.
For more information, or to speak with one of our team about how we can help your business, contact us today.