This protects against compromised user passwords and helps to provide extra resilience for identities.
The cornerstone of any resilience plan is to limit the impact of an attack on an organization: explicitly verify, use least privilege access, and always assume breach.
Implement software to detect and automatically block attacks and provide insights to the security operations software. Monitoring insights from threat detection systems is essential to being able to respond to threats in a timely fashion.
Unpatched and out-of-date systems are a key reason many organizations fall victim to an attack. Ensure all systems are kept up to date including firmware, the operating system, and applications.
Knowing your important data, where it is located, and whether the right defenses are implemented is crucial to implementing the appropriate protection.