In response to the ever-rising threat of cyber attacks, the federal government has issued repeated warnings for organizations to be on high alert. To stay on top of the escalating situation, the Senate passed a massive $1.5 trillion spending bill on March 11, 2022, with new cybersecurity laws that require companies to report data breaches and ransomware payments quickly.

Clearly, the last thing any organization should do is sit back with the mistaken belief that “it won’t happen to us.” So, what can you proactively do to keep your business safe?

The basic steps include setting up defenses and an action plan should an attack occur. It’s also important to have good security practices in place like multi-factor authentication, firewalls, network segmentation, and SIEM (security information event monitoring). But that’s not enough.

Here are three preventive steps that should be considered as part of your cybersecurity strategy.

  1. Implement a layered defense

    A layered defense mitigates risks in each “layer” of your environment, including network, hardware, software, code, data, access, passwords, physical access, and end-user training.

    In general, your defense plan should integrate the following layered actions:

    • Implement a training program to educate end-users on how hackers use phishing links in emails, lax password management, external devices, and more to gain access to corporate networks.
    • Practice zero trust security, limit access to applications, and ensure access is updated appropriately and promptly.
    • Have a monthly full data backup at a minimum, with system logs with incremental backups in between (with a best practice to store a second backup offsite).
    • Encrypt databases, backups, and sensitive traffic within your network.
    • Ensure each department has a business continuity plan that is regularly reviewed and updated.

    By enforcing standard operating procedures to address the common vulnerabilities that hackers exploit, you reduce the risk of becoming an easy target.

  2. Plan for attacks using a table-top cybersecurity exercise or cyber crisis exercise

    Bring together selected team members across various departments (like IT, cybersecurity, business, and outsourcing) to discuss critical actions during a cybersecurity breach. Use a facilitator to keep the discussion engaging and focused and set clear expectations for what to do in an attack.

    For best results, you can establish a RACI, a responsibility matrix with clearly identified roles: Responsible, Accountable, Consulted, and Informed.

    You can use the RACI model to determine roles and responsibilities by answering the following questions:

    Responsible: Who does the task? Who must make the decision, complete the task, or fulfil the objective? (More than one person can be responsible for tasks, depending on their scope and scale.)
    Accountable: Who is the “owner” of the task? Who signs off or makes the call that something has been completed? Who assigns the responsibilities for the rest of the people in the matrix? (For each key division, there should only be one accountable person.)
    Consulted: Who else needs to give input before something is considered done or signed-off? (The consulted group usually comprises various stakeholders who have the expertise to provide valuable insights.)
    Informed: Who needs to know the updates in the appropriate timing? (This group will need to know decisions or progress on tasks, but do not contribute or provide input directly.)

    Alternatively, if you have the resources to do so, organizing a cyber crisis exercise to simulate a cyber attack allows your team to be more hands-on with various scenarios such as encountering malware, ransomware, data breaches, and infrastructure failure. Do note that cyber crisis exercises often need months of planning, and the simulation itself can take one full working day to run.

  3. Create a backup plan for essential communications
    A backup plan with clear procedures to facilitate essential communications ensures that crisis teams and the business can continue to communicate, even if your usual messaging system is down. The plan should cover:
    • Establishing a backup messaging system that can handle temporary email, messaging, and collaboration in the cloud.
    • Keeping a backup copy of your active directory, as hackers often use phishing to access that directory to obtain administrative passwords and disrupt systems.
    • Keeping two backups on different media, one locally and one offsite.

Keeping your organization safe is a continuous effort

Traditional security programs are no longer enough to address new cyber threats. You must constantly eliminate the chances of breaches through evolving best practices and nurture a security-first culture that prioritizes availability, confidentiality, and integrity.

To upgrade your cybersecurity posture, you must take into account both cultural and technological solutions. There’s no point in being protected by cutting-edge tech programs, if employee ignorance or negligence provides an avenue for cybercriminals to access your company’s network, applications, and data. You can also leverage the expertise of third-party consultants to help you uncover real threats, deploy related resilience capabilities across key domains, and set up monitoring mechanisms to improve systems maturity.

Our cybersecurity experts at Wavestone are ready to work with your organization to assess your risk profile and fortify your defenses against an attack.



Our team is a blend of high-quality talent from all levels who can tackle your most complex issues with a fresh approach. With a globally connected network of 4,000 employees, Wavestone is designed to help you get results. All our consultants thrive on complex challenges, enjoy blazing new trails, and are committed to your organization’s success.

Laying the Foundations: The 4 Core Competencies of Effective Cloud Solutions Security

Sep 21, 2023

Implementing effective cloud solutions security is complex. Solution security architectures must be initially done with minimal mandated standards, then built progressively, with additional layers of security built on foundational capabilities. In this first of a 3-part series on safeguarding cloud solutions, we examine the 4 foundational capabilities of effective solutions security and best practices to implement them.

Wavestone Named to Forbes World’s Best Management Consulting Firms 2023 List

Sep 19, 2023

Forbes has once again recognized Wavestone in its annual “World’s Best Management Consulting Firms 2023” list. Read our blog for more information about the ranking and Wavestone’s award-winning business and technology consulting services.

Have a Question? Just Ask

Whether you're looking for practical advice or just plain curious, our experienced principals are here to help. Check back weekly as we publish the most interesting questions and answers right here.

Ask Wavestone