Invest in your platform: Agility and scalability require forward thinking and building enabling platforms. For this, you must have or do the following:
- A well-documented inventory of your assets
- A clearly defined security policy—provide clear vision, standards, and guidance for your organization
- Practice good hygiene—most attacks can be prevented with timely patches, AV, and identity monitoring
- Employ multi-factor authentication to strengthen the protection of accounts and devices

Invest in your instrumentation: Ensure that you are exhaustively measuring the elements in your platform by doing the following:
- Acquire and/or build the tools that are needed to fully monitor your network, hosts, and logs
- Proactively maintain controls and measures, and regularly test them for accuracy and effectiveness
- Maintain tight control over change management policies
- Monitor for abnormal accounts and credential activity to prevent abuse

Invest in your people: Skilled analysts and data scientists are the foundation of defense, while users are the new security perimeter. You should do the following to ensure this:
- Establish relationships and lines of communication between the incident response team and other groups
- Adopt the least privilege admin model; ideally, eliminate persistent admin rights to minimize the attack surface
- Use the lessons that you've learned to gain value from every major incident
- Educate, empower, and enlist users to recognize likely threats and their role in protecting business data

If you want to educate your IT team or help them switch to a cyber career, you can read the book Cybersecurity: The Beginner's Guide, written by Dr. Erdal Ozkaya and Deepayan Chanda.