- The majority of the United Kingdom’s business leaders admit that they would break the law to keep their company alive after ransomware attacks
- Publicly supporting ransomware prohibitions means little when private survival instincts take over during a breach
- Anti-ransomware policies face collapse, since companies quietly admit that they will still negotiate with the attackers
The United Kingdom's business leaders appear united in principle behind the government's recent prohibition on ransomware payments for the private sector, but new data reveal a marked contrast between public support and real-world intentions.
The 2025 cyber security violations survey found that, while almost all respondents supported a prohibition, three out of four admitted that they would ignore it if paying a ransom were the only way to save their company.
This contradiction reveals the tension between political ideals and the realities of surviving a cyber attack.
Principles collide with survival instincts in crisis scenarios
The report found that almost half (43%) of United Kingdom companies have experienced some form of cyber breach in the last year, with the risk of reducing size and the sector.
As a result, cybersecurity preparation is now considered a critical commercial function, with 98% of respondents planning to prioritize it in their spending.
There is a growing recognition that reactive payments do little to ensure recovery, especially when attackers may not restore data even after receiving funds.
“Paying a ransom rarely guarantees recovery and often increases the probability of being attacked again,” said Darren Thomson, Field CTO EMEAI, Commvault.
“A well-enforced prohibition could help eliminate ransomware profits, but it must be matched by a greater investment in prevention, detection and recovery test …”
Many experts argue that the solution lies in resilience, not ransom. As a result, there is a shift towards stronger use of antivirus tools, well-maintained endpoint protection platforms (EPP) and ransomware protection strategies integrated into business recovery systems.
These measures are becoming essential, since the average recovery time after an incident now extends to 24 days.
For smaller companies, this duration can be catastrophic, and the pressure to recover quickly increases the temptation to pay.
Supporters of the proposed prohibition believe that it could promote a positive structural change, with a third of respondents saying that the measure would prompt greater government intervention and investment in cybersecurity infrastructure.
Another third suggest that eliminating the financial incentive for criminals could reduce the frequency of attacks.
However, even among those who support the idea, few trust that the rules would be followed if their business was at stake.
The United Kingdom Government has already applied the prohibition to public sector institutions such as NHS trusts and local councils.
Despite the clear intention behind the proposed legislation, compliance in practice remains doubtful, since only a tenth of the leaders surveyed said they would fully comply with the prohibition in a crisis.
Most are not willing to risk the collapse of their businesses, even if that means violating legal provisions.