Cybercrime and Cybersecurity
(asked on 10th April 2026) - View Source
Question to the Department for Science, Innovation & Technology:
To ask the Secretary of State for Science, Innovation and Technology, what assessment her Department has made of the proportion of companies paying ransoms to hackers following cyber-attacks; and what steps her Department is taking to improve cybersecurity across industry sectors.
Answered by
Kanishka Narayan
Parliamentary Under Secretary of State (Department for Science, Innovation and Technology)
The government considers ransomware a serious threat to the UK’s national security and economic prosperity. The Home Office recently consulted on a package of proposals to reduce the threat ransomware poses to the UK economy and will continue to develop these measures in collaboration with industry. Due to under-reporting there is no single authoritative estimate of ransomware payment rates. Recent industry reports suggest that payment rates are declining. The government’s Cyber Security Breaches Survey finds around half of businesses (52%) have a rule or policy to not pay ransomware demands.
Improving cyber security across industry sectors is critical to national security and the resilience of our wider economy. The government has developed a wide range of free tools, guidance, training and standards to help organisations of all sizes implement cyber security measures. The government's highly effective Cyber Essentials scheme helps organisations implement critical cyber security controls and protect against the most common cyber attacks. The Cyber Security and Resilience Bill will boost UK cyber defences and protect our essential and digital services. In October government ministers and senior security officials wrote an open letter to the UK’s leading companies urging them to take three specific actions to improve their cyber resilience: use the government’s Cyber Governance Code of Practice, register for the National Cyber Security Centre’s Early Warning System, and adopt Cyber Essentials in their supply chains. In 2026 the Government will publish a new National Cyber Action Plan that will set out how we will respond to the growing cyber threat and work with industry to raise cyber resilience levels across the economy.