4. Build a Protective Wall
Since most cyber-attacks still exploit staff-related security breaches, address this issue first- a sound access governance process with policies and tools to enforce it will already start protecting you.
A good way of ensuring that this is regularly reviewed and continuously protects the organisation is to include its verification in your internal controls. You should also ask internal audit to add it into its audit plan.
5. The Best Defense Is a Good Offense
Don't get me wrong, I'm not enticing you to go and attack hacker communities here! But what I am suggesting is that you run attack scenarios yourself to test your own protective barriers.
Thinking and behaving somewhat like the parties you're trying to defend against might shed some new light on weaknesses in your shell. Also, this will enable you to become more proactive and deter future events before they even unfold.
I realise this is just an abstract of what should be a much more detailed publication, but do you agree with these high-level suggestions? How do you tackle cyber security in your organisation?
Sign up for MIS Asia eNewsletters.