I beg to move, That leave be given to bring in a Bill to require a company that meets a specified criteria to report any cyber extortion or ransomware attack on the company to the Government within a specified time after the attack; to make provision about the content of such reports, including a requirement to provide information about any payments made; and for connected purposes. The National Cyber Security Centre has reported a 50% increase in British cyber-incidents deemed “highly significant” over the past year. Among the threats are hostile states like China and Iran. UK IT leaders cite these nations as major concerns, with recent espionage trials highlighting state-sponsored cyber-operations. Current legislation lacks requirements for companies to disclose ransomware payments. The Bill would mandate reporting of attacks within 72 hours and any payment made thereafter, capturing approximately 78% of medium-sized businesses and all large corporations. It includes legal protections for companies reporting incidents.