Skip to main content

Clifford Chance

Clifford Chance
Briefings

Briefings

New York Department of Financial Services Issues Ransomware Guidance in Wake of Increased Attacks

July 6, 2021

On June 30, 2021, the New York Department of Financial Services issued Ransomware Guidance to help companies prevent and respond to attacks. While the alert is styled as "guidance," it is hard to imagine many situations, even applying a risk-based analysis, where DFS would not "expect" supervised entities to implement the controls listed, which repeatedly cross-reference the Department's Cybersecurity Regulation. As ransomware attacks continue to increase in frequency and sophistication, supervised entities should review their cybersecurity controls against DFS's guidance to ensure that they have adequate protections in place.

Download PDF