Cyber threats nowadays are incredibly sophisticated, unknown and unpredictable. Companies have to build a strong defence to counter them, and that defence includes:
Network security: Configure your network (routers and switches) so your key systems are protected from external threats. Firewall rules should be regularly reviewed. Port scans should be done to find and close any open ports that are not needed. Block certain sites to prevent users from accidentally downloading malware, and block social media and personal mail to prevent leakage of data. Adopt network zoning, etc.
Server Security: Patch servers regularly. Least access privilege should be taken into account when assigning roles and users. Role-based profiling should be adopted. Monitor servers and detect any rogue process. Disable remote root login. Special attention should be paid to your Web Servers & Mail Servers that are exposed to the internet.
Application Security: Classify applications as internal or external, and classify the data they handle. External-facing applications should have a pen test done periodically. The development team should follow OWASP standards (www.owasp.org) to minimize application vulnerabilities. Single sign-on should be adopted. Implement role-based profiling.
Database Security: Secure and patch the database. Least access privilege should be adopted when giving access to users. Implement role-based profiling.
Personal Computing: Avoid giving users admin access to their PCs. Prevent users from changing settings and from running, intentionally or unintentionally, any program that they are not aware of. Anti-virus and anti-malware software should be running, and virus definition files should always be kept up to date.
Take an expert's opinion when in doubt, as you cannot afford to be vulnerable to cyber threats and risk your data and reputation.
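One way to verify the "Disable remote root login" item under Server Security, as an added example that is not part of the original article. It assumes the server runs OpenSSH, where the control is the PermitRootLogin keyword in sshd_config; the function name and the sample configuration are constructed for illustration.

```python
import re

# Assumption: OpenSSH server. Recent releases default to "prohibit-password"
# when the keyword is absent, which still lets root log in with a key.
DEFAULT = "prohibit-password"

def audit_root_login(config_text):
    """Return (scope, value) pairs where remote root login is not ruled out."""
    scope = None            # None = global section, else the Match criteria
    global_value = None
    match_values = {}
    includes = []
    for raw in config_text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments
        m = re.match(r"([A-Za-z]+)[\s=]+(.+)", line)
        if not m:
            continue
        key, arg = m.group(1).lower(), m.group(2).strip().strip('"')
        if key == "match":
            scope = arg     # everything below belongs to this block
        elif key == "include":
            includes.append(arg)
        elif key == "permitrootlogin":
            if scope is None:
                global_value = global_value or arg.lower()  # first value wins
            else:
                match_values.setdefault(scope, arg.lower())
    findings = []
    effective = global_value or DEFAULT
    if effective != "no":
        findings.append(("global", effective))
    findings += [("Match " + s, v) for s, v in match_values.items() if v != "no"]
    # Included files are read where the Include line appears and can set the
    # keyword first; this offline check does not follow them.
    findings += [("Include " + p, "unchecked") for p in includes]
    return findings

# Constructed sample, not taken from a real host.
SAMPLE = """\
Port 22
PermitRootLogin no
PermitRootLogin yes   # ignored by sshd: the first value wins
Match Address 10.0.0.0/8
    PermitRootLogin prohibit-password
"""

if __name__ == "__main__":
    for scope, value in audit_root_login(SAMPLE):
        print(f"{scope}: PermitRootLogin {value}")
```

The sample passes a naive search for "PermitRootLogin no" yet still allows key-based root login from one address range, which is the case a periodic review should catch.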