Invest in your platform: Agility and scalability requires forward ​thinking and building enabling platforms​. For this, you must have/do the following:

• A well-documented inventory of your assets ​
• A clearly-defined security policy—provide clear vision, standards, and guidance for your organization​
• Practice good hygiene—most attacks can be prevented with timely patches, AV, and identity monitoring ​
• Employ multi-factor authentication to strengthen the protection of accounts and devices​

Invest in your instrumentation​: Ensure that you are exhaustively measuring the elements in your platform​ by doing the following:

• Acquire and/or build the tools that are needed to fully monitor your network, hosts, and logs​
• Proactively maintain controls and measures, and regularly test them for accuracy and effectiveness
• Maintain tight control over change management policies​
• Monitor for abnormal accounts and credential activity to prevent abuse​

Invest in your people: Skilled analysts and data scientists are the foundation of defense, while users are the new security perimeter. You should do the following to ensure this:

• Establish relationships and lines of communication between the incident response team and other groups​
• Adopt the least privilege admin model; ideally, eliminate persistent admin rights to minimize the attack surface​
• Use the lessons that you've learned to gain value from every major incident​
• Educate, empower, and enlist users to recognize likely threats and their role in protecting business data​

If you want to educate or help your IT team to switch to a Cyber Career, you can read the book Cybersecurity The Beginner's Guide written by Dr. Erdal Ozkaya and Deepayan Chanda.