The U.K. plans to force companies to notify the government of ransomware payments, and while its demands have been largely welcomed, experts warn there is a risk that corporations may focus on “box-tick” compliance instead of planning for effective cyber-resiliency because it is the more affordable option.
