
New Guidance Announced by the National Cyber Security Centre for Cyber Attacks & Ransomware Incidents 

Ransomware attacks continue to pose a significant threat to organisations worldwide. With an ever-increasing digital uptake in the social care sector, organisations must carefully weigh the risks and potential consequences when faced with the difficult decision of whether to pay a ransom. The National Cyber Security Centre (NCSC), in collaboration with insurance industry bodies, has developed new comprehensive guidance to assist organisations during such critical moments. 

Key Points from the Guidance: 

  1. Minimising Impact: The primary goal is to minimise the overall impact of a ransomware incident on an organisation. This includes reducing disruption and cost to businesses.
  2. Preparedness: Being prepared for any incident is crucial. Organisations should have robust incident response plans in place to mitigate the effects of a ransomware attack.
  3. Ultimate Decision: While the guidance provides valuable insights, the ultimate decision to pay the ransom rests with the victim organisation. Factors such as legal considerations, financial implications, and the likelihood of successful decryption should be carefully evaluated.

Key Steps to Consider: 

  1. Assess the Situation: Understand the severity of the attack, the extent of data encryption, and the potential impact on business operations.
  2. Consult Experts: Seek advice from cybersecurity professionals, legal experts, and law enforcement agencies. Their insights can help inform the decision-making process.
  3. Evaluate Alternatives: Consider alternatives to paying the ransom, such as restoring from backups, negotiating with the attackers, or seeking decryption tools.
  4. Risk Assessment: Assess the risks associated with paying the ransom, including the possibility of not receiving decryption keys or encouraging further attacks.
  5. Transparency: If payment is made, consider transparency with stakeholders, regulators, and customers. Transparency builds trust and helps manage reputational risks.

For social care organisations, cyber-attacks and ransomware attacks could mean large leaks of private personal data and significant disruption to the delivery of services. Following the above recommendations and potential solutions can reduce the risk of falling victim to a cyber-attack. In addition, NCF highly recommends that all social care providers complete the Data Security and Protection Toolkit (DSPT), a self-assessment tool care providers can use to ensure they have good data and cyber security practices. Completing the DSPT can also help to keep your data safe. Please see the resources below for further information on how you can stay compliant and safe.

Ransomware incidents are complex and challenging. Organisations must balance the urgency of restoring operations with the potential risks of paying a ransom. By following the NCSC’s guidance and seeking professional advice, organisations can make informed decisions that protect their interests while minimising harm.


Digital Social Hub offers a Business Continuity Plan Template, as well as an audit tool to support providers to test the viability of their plans – Business Continuity Planning – Digital Care Hub 

For the full NCSC guidance report, please read – Guidance for organisations considering payment in… – NCSC.GOV.UK

See how your LSO can help you prevent cyber attacks and provide 1-2-1 support – Local Support Organisations – Digital Care Hub
