On June 30, 2021, the New York State Department of Financial Services (NYDFS) issued a new guidance on ways potential data breach victims can reduce the chance of a recurring ransomware attack.
NYDFS advises with nine, key tactics to prevent and/or respond to ransomware attacks, including: enabling email filtering and providing anti-phishing training; improving vulnerability and patch management; ensuring multi-factor authentication is enabled; disabling remote desktop protocol access; ensuring a secure password management system is in place; providing privileged access management where needed; initiating monitoring and response plans; setting up tested and segregated backups; and completing an incident response plan.
