In light of recent high-profile ransomware events, the White House released a memo with guidance on how companies can help prevent these attacks. Increasingly, these attacks are referred to as national security threats. While these events have been commonplace since 2017, their frequency and severity have reached levels requiring urgent action from the private sector.

“The private sector also has a critical responsibility to protect against these threats. All organizations must recognize that no company is safe from being targeted by ransomware, regardless of size or location,” wrote Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology.

The White House provided core strategies to prevent ransomware attacks. These strategies include:

  1. Strong use of multifactor authentication (MFA)
  2. Implementation endpoint detection and response (EDR) technology
  3. Regular testing of backups as well as offline copies
  4. Prompt updating and patching of systems
  5. Testing of incident response plans (IRP), including ransomware-specific IRPs
  6. Third-party penetration testing
  7. Network segmentation

The White House’s new guidance reflects changes that many insureds have already experienced in the past year as underwriting standards evolve in the cyber insurance marketplace. At Hays, we are committed to both helping our clients manage their risk as well as protect all of our national security interests. If you have any questions, please contact a member of our Cyber Insurance Practice:


This document is provided for general information purposes only and should not be considered legal or tax advice or legal or tax opinion on any specific facts or circumstances. Readers are urged to consult their legal counsel and tax advisor concerning any legal or tax questions that may arise.


Interested in learning more? Connect with us today: