Banks have been asked to step up their DDoS protection.
The request, however, is mostly CYA. Take, for example, the call to check for vulnerabilities--which has nothing to do with DDoS attacks. I think that generally this is missing the point. In particular, it seems that the latest DDoS attacks were very massive and thus are hard to sustain over time by anyone that is not government sponsored.
In this case I would expect national authorities to be the ones to take steps against it rather than individual corporations. In general, I think that attacks of such magnitude should definitely be handled by authorities rather than by individuals. It makes sense to set up regulations for building a house that won't fall down due to a rainstorm. It does not make sense to expect individuals to build dams for the case of a Tsunami.