Nov 28th, 2025
2 mins
Members of the Counter Ransomware Initiative (CRI) and its Private Sector Advisory Panel are joining together to issue guidance for organisations on building resilience in their supply chains against ransomware threats.
The guidance aims to reduce the likelihood of a ransomware incident having a critical effect on an organisation by:
- Raising awareness of the ransomware threat across an organisation’s supply chain
- Promoting good cyber hygiene to protect supply chains
- Ensuring supply chain vulnerabilities are factored into an organisation’s risk assessment and decisions, including on procurement
The Home Office is recommending that organisations review the guidance and consider implementing the recommendations in collaboration with supply chain operators, both existing and future. The aim is to ensure organisations do not leave supply chains vulnerable to ransomware attacks.
Being prepared for any incident is key and will help lessen the impact if one happens. In 2024, the CRI, alongside insurance bodies, published guidance for organisations during ransomware incidents. This guidance is designed to build on this 2024 product, being specifically targeted at organisations and their supply chains.
You can access the guidance here
