DFS Issues Guidance on Crowdstrike Outage
Per the notice below, the New York State Department of Financial Services (DFS) has issued guidance to its regulated entities, including all types of insurers, on the Crowdstrike global outage.
To: Chief Information Security Officers at Regulated Institutions
Subject: Notice Regarding Crowdstrike Global Outage
During this global technology outage, the Department is monitoring institutions, market events, and collaborating closely with other state and federal regulators to protect consumers, ensure the health of the entities we regulate, and preserve the stability of the global financial system. DFS reminds all regulated entities to be vigilant at this time. Threat actors have been known to launch attacks during periods when IT and security staff are distracted, especially through social engineering. All DFS-regulated entities are encouraged to be on high alert for suspicious e-mails, calls, and in-person contacts purporting to be a vendor working on this issue. For further details, please see the U.S Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency’s information on Avoiding Social Engineering and Phishing Attacks: Avoiding Social Engineering and Phishing Attacks | CISA.