Navigating Ransomware: Essential Guidance from NCSC

Collaborating for Stronger Cybersecurity

At Sutcliffe & Co Insurance Brokers, we understand the ever-evolving threats businesses face in the digital age and that’s why we’re pleased to share the latest ransomware guidance from the UK’s National Cyber Security Centre (NCSC). Developed in collaboration with leading insurance industry bodies, this resource is designed to help organisations navigate the complexities of ransomware incidents.

A unified effort against ransomware

This timely guidance is the result of a joint effort by the NCSC, the Association of British Insurers (ABI), the British Insurance Brokers’ Association (BIBA), and the International Underwriting Association (IUA). By combining expertise from these respected organisations, the guide aims to minimise the overall impact of ransomware attacks on businesses.

The goals of the this latest information and the primary objectives of this comprehensive guide are to:

  • Reduce disruption and costs associated with ransomware incidents.
  • Decrease the frequency and amount of ransoms paid by victims.
  • Provide clear, actionable steps for businesses to consider during a ransomware crisis.

Key considerations in the guide

The guidance offers essential advice to help businesses effectively respond to ransomware incidents:

  • Don’t panic: Stay calm to make rational decisions.
  • Review alternatives: Consider all options, including not paying the ransom.
  • Record your decision-making: Keep detailed records of the decision process.
  • Consult experts: Seek advice from cybersecurity professionals where possible.
  • Involve the right people: Ensure technical staff and relevant stakeholders are part of the decision-making process.
  • Assess the impact: Evaluate the incident’s effect on your business.
  • Investigate the root cause: Identify how the attack occurred to prevent future incidents.
  • Understand limitations of payment: Realise that paying the ransom does not guarantee access to your data or devices.
  • Consider legal and regulatory practices: Ensure your actions comply with legal and regulatory standards.
  • Report the incident: Notify UK authorities about the ransomware attack.

If you have cyber insurance the first thing you should do is contact their emergency incident response helpline who will provide technical experts to help you handle the situation, find the problem, stop the problem and restore systems and data.

A supportive approach to a ransomware attack

BIBA has endorsed this cohesive approach, highlighting its importance in supporting victims of cyberattacks. They emphasise that the guidance offers practical help for planning and responding to crises and encourages firms to explore alternative responses to cyberattacks beyond just ransom payments.

Is ransomware a threat to small businesses?

Many small businesses may not anticipate being targeted by cybercriminals, but vulnerability, not size, is often the deciding factor for attackers. This guide serves as a crucial resource for any business, providing clarity in challenging situations and helping to ensure a well-coordinated response.

Where can I access further information about ransomware?

For more details on how to protect your business and prepare for potential cyber threats, read the full ransomware guide here>

At Sutcliffe & Co Insurance Brokers, we are dedicated to supporting our clients with the latest in cybersecurity best practices and insurance solutions to help you stay informed and stay protected.

Taking proactive steps, such as obtaining Cyber Essentials certification and purchasing insurance against cyber-enabled crime, can significantly enhance security. More information regarding obtaining Cyber Essentials can be found here>

You can learn more about the cyber risks associated with ransomware by contacting our team on 01905 21681 or email