New York Department of Financial Services Issues New Guidance to Financial Services Orgs to Counter Ransomware

Stu Sjouwerman | Jul 14, 2021

Financial Services Orgs to Counter RansomwareNYDFS offers up sound best practices in addition to their recently released Cyber Insurance Risk Framework based on recent attack investigations, finding repeated use of “the same handful of techniques.”

The increase in ransomware attack frequency and success has caused massive premium increases over the last two years and has put pressure for more rigorous assessments of cybersecurity measures for insured organizations. New York’s DFS seeks to help financial service organizations with security controls they believe can help stop most ransomware attacks with new guidance to specifically counter the ransomware epidemic. These include:

  1. Email Filtering and Security Awareness Training – Both of these result in filtering. The first is a technology that eliminates the obvious phishing emails. The second leaves it up to the human element to see a phishing email for what it really is, thereby stopping an attack before it starts.
  2. Vulnerability/Patch Management – DFS recommends orgs “identify, assess, track, and remediate vulnerabilities on all enterprise assets within their infrastructure.”
  3. Multi-Factor Authentication – Currently, MFA for remote access to the network and all externally exposed enterprise and third-party applications is required by 23 NYCRR § 500.12. The DFS recommends if for all privileged accounts.
  4. Disable RDP Access – this should be obvious by now, as RDP compromise is the primary attack vector in 59% of attacks.
  5. Password Management – strong, unique passwords should be in use, vaulting privileged credentials, and disabling password caching is recommended.
  6. Privileged Access Management – implementing some form of least privilege, and a periodic inventory of all privileged accounts should be audited.
  7. Monitoring and Response – having an ability to monitor systems for intruders and respond to suspicious activity should be in place, along with EDR to quarantine and potentially stop ransomware from executing is recommended.

Topics: Ransomware

Test Your Network’s Defenses with our Free Ransomware Simulator

When employees bypass guidance and fall for social engineering, your network security is the last line of defense. Run our 100% harmless RanSim tool on Windows 10+ workstations to safely simulate 25 ransomware and cryptomining infection scenarios, pinpoint technical vulnerabilities, and get your results in minutes.

Launch Your Free Ransomware Simulation

Secure the Digital Workforce: Human + AI

KnowBe4 empowers the modern workforce to make smarter security decisions every day. Trusted by more than 70,000 organizations worldwide, KnowBe4 is the pioneer of digital workforce security, securing both AI agents and humans. The KnowBe4 Platform provides attack simulation and training, collaboration security, and agent security powered by AIDA (Artificial Intelligence Defense Agents) and a proprietary Risk Score. The platform leverages 15 years of behavioral data to combat advanced threats including social engineering, prompt injection, and shadow AI. By securing humans and agents, KnowBe4 leads the industry in workforce trust and defense.