The U.K. Information Commissioner's Office and the National Cyber Security Centre asked the Law Society to advise against members paying ransomware demands. U.K. Information Commissioner John Edwards said ransomware payments "will not guarantee that compromised files are released" and "does not reduce the scale or type of enforcement action from the ICO or the risk to individuals affected by an attack." Edwards added that incident response should include "vigilance" and "good cyber hygiene." The ICO also recently updated its ransomware guidance.