A strong security posture takes more than having the right defenses in place, you also need to establish solid plans to ensure you react to any breach in the right way. Credit: Getty Images It has never been easier for cybercriminals to infect your business with malware or ransomware. A vast array of malware tools can be bought on the dark web, complete with helpdesks for hackers, making the barrier to entry low. Most hackers will sit on your network for days, weeks or even months, gathering intelligence to infiltrate your systems and then try to exfiltrate data undetected.While prevention is better than cure, it’s not always possible. The smart move is to take what action you can to guard against intrusion, but also to employ intelligent real-time defenses, and to craft detailed action plans and procedures to handle any incidents that do arise. These best practices will help you reduce the risk of a data breach occurring in the first place, but also reduce the impact and damage if the worst does happen.1. Establish a risk baselineThe first step in securing your organization is to determine what level of risk you are willing to tolerate. Every business is different. You must assess your data and workflows to find out what the key risks are that would damage your business, and plan to address them in order based on the threat that each one poses. It’s unlikely you’ll be able to cover every base, so to extract maximum value from your resources, make sure you understand where your baseline is and apply a triage approach.2. Capture a complete picture of your networkFrom printers to security cameras to smartphones, the number of exploitable endpoints on your system is growing all the time. It’s vital that you have a complete inventory of devices, including small devices and sensors that fit into the internet of things category. Your ability to protect your network depends upon you having a clear, fully mapped picture of it. 3. Build a user awareness programIt’s easy to focus on the technology and tools that promise to bolster your security efforts, but the simple truth is that people are usually the weakest link in your defenses. People click on links they shouldn’t, they respond to increasingly sophisticated phishing attacks, and they unwittingly invite malware onto your network. It’s crucial that you train your staff to spot security risks and teach them how to respond appropriately. Put a proper security awareness training program in place and test your employees regularly to ensure that it’s working.4. Assess and patch vulnerabilitiesMany data breaches occur because of a simple failure to address known vulnerabilities. Organizations can be alarmingly slow to update software and apply patches, even after alerts are sent out. Make sure you have a stringent update policy in place and consider employing a tool that can flag your existing vulnerabilities. 5. Do root cause analysisIf an incident or a breach does occur, then treat it as a learning opportunity. You may assume that ticking all the boxes will keep your data safe, but new attack vectors are uncovered every day. A root cause analysis will enable you to identify the heart of your problem and remediate.6. Implement real-time automated protectionWherever possible you want to employ real-time tools that can scan for issues and resolve them automatically. Sometimes security teams are struggling with a backlog, so identifying a threat isn’t enough, because there’s a lag between the alert and the fix. Consider the role machine learning can play and think about user behavior analytics and other strategies for uncovering possible risks.7. Craft an incident response planYou can restrict damage, reduce recovery time and limit the associated costs by putting a robust incident response plan in place. A good plan lays out every detail of an effective response, making it clear who is responsible and what needs to happen every step of the way. Break it down, so you have a playbook for data breaches, denial of service attacks and ransomware attacks. Run drills to ensure that your plan is effective. These plans and exercises are also great to show regulators that you’re taking your responsibilities seriously.8. Fully utilize your existing security technologyIt may be tempting to splurge on the latest security tools, but it takes some expertise to leverage security software effectively. Start by assessing the technology you currently have in place and make sure that you’re getting maximum value from it. Sometimes a process tweak or reconfiguration allows you to secure much more with little or no cost.9. Bake security into everythingSecurity should not be about firefighting; your CSO should be selling the importance of a strong information security strategy to every business unit in your organization. They need to be included as part of everyconversation, whether it’s a new project, the development of a new application, or a technology acquisition.10. Employ third-party risk managementIt’s highly likely that you work with third-parties and vendors and some of them will have access to your data. Your security efforts must go beyond internal strategies to consider third-party risk. Assess your partners, ensure they meet your standards, and test them on it – don’t take their word for it. Employing these best practices will help you to reduce the risk and potential impact of a data breach, but security is on ongoing process that requires constant attention. Your strategy should continually evolve for best results. Related content opinion Diversity in cybersecurity: Barriers and opportunities for women and minorities Increasing the numbers of women and minorities in cybersecurity isn't just good for the individuals involved, it's good for the practice of security. Here's a look at what's holding them back and what can be done about it. By Michelle Drolet Dec 23, 2021 5 mins Diversity and Inclusion Hiring Security opinion 6 steps for third-party cyber risk management If you have third-party partners, you need a third-party cyber risk management program. Here are six key steps to follow. By Michelle Drolet Sep 30, 2021 4 mins Risk Management Security Practices Security opinion 5 open source intrusion detection systems for SMBs If you don’t have a lot of budget at your disposal, these open-source intrusion detection tools are worth a look. By Michelle Drolet Nov 13, 2020 5 mins Intrusion Detection Software Security feature 6 steps to building a strong breach response plan Cybersecurity resilience depends on having a detailed, thorough, and tested breach response plan in place. Here's how to get started. By Michelle Drolet Oct 07, 2020 5 mins Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe