Enable multi-factor authentication (MFA): This protects against compromised user passwords and helps to provide extra resilience for identities. MFA adds a layer of protection to the sign-in process. When accessing accounts or apps, users provide additional identity verification, such as scanning a fingerprint or entering a code received by phone.
Apply Zero Trust principles: These are the cornerstone of any resilience plan, limiting the impact on an organisation. The principles are: Explicitly verify and ensure that users and devices are in a good state before allowing access to resources. Use least privilege access, which means allowing only the privilege that is needed for access to a resource and no more. Assume breach, which means always being prepared for system defences to be breached and for systems to be compromised. This means constantly monitoring the environment for possible attacks.
Use extended detection and response anti-malware: Implement software to detect and automatically block attacks and provide insights to security operations. Monitoring insights from threat detection systems is essential to being able to respond to threats in a timely fashion.
Keep your systems up to date: Unpatched and out-of-date systems are a key reason many organisations fall victim to an attack. Ensure all systems are kept up to date, including firmware, the operating system, and applications.
Protect data: Knowing your important data, where it is located and whether the right systems are implemented is crucial to implementing the appropriate protection.