It’s a longer read than most web articles but worth it, if only to disagree with the ranking. My personal #1 is organisational readiness; everyone knows their responsibilities when it comes to spotting, reporting, and responding to incidents. If the ‘patient zero’ that starts off a ransomware attack knew how to spot something funny and who to report it to (and maybe even to disconnect from the network) then a lot of harm could be avoided…:
According to cybersecurity experts who have helped organizations clean up after disastrous security breaches, many of those events were made so much worse due to incident response (IR) failures. And those failures tend to cluster around the same common IR mistakes that enterprises make time and again.
The pundits point to the following top 10 mistakes, along with advice on how to avoid them.