While many companies are now beginning to understand how real cybersecurity threats are, most are still ill-prepared to defend against them. If your company is like many, the C-suite may be feeling okay about the security of its computer network based on deployment of a prevention strategy including anti-virus software, a firewall and perhaps other precautions.

If so, leadership should reconsider. Even with the best prevention measures in place, intruders can still find their way into your network. And once they are there, they often have plenty of time to create damaging data breaches.

At many companies, intrusions are more damaging than they need to be because of a failure to implement a multi-pronged security strategy that not only features prevention but also includes comprehensive detection measures and a robust response plan.

This article takes a more detailed look at three elements that make up a multi-pronged approach to cybersecurity.


Prevention

While no prevention strategy can expect to achieve 100 percent success, you can raise your company’s batting average by going beyond the basics of anti-virus software and a firewall. Among the measures to consider:

Tighter controls on access to the network. Require stronger passwords, but don’t rely on that alone. Introduce dual authentication (often called two-factor authentication), which requires another factor in addition to a password for access, such as a fingerprint, the answer to a secret question or a code generated by a “token,” which is a small portable device.

Consider increasing the sensitivity of spam filters. One of the most common ways intruders find entry into a network is by enticing a user to click on a bad link in an email. While spam filters probably won’t catch everything, increasing their sensitivity can reduce the volume of suspect emails.

Make sure your software has been developed with security in mind. This especially goes for programs that may have been written in-house.

Consistently apply security patches. The vendors of the software you run often release these on a regular schedule.

Educate users about safe computing. Enlist them to be more security-conscious when using a company computer system and/or handling sensitive data.


Detection

Deploy intrusion monitoring technology. Make sure it includes a threat intelligence feature to reduce the number of false positives.

Monitor what is happening on your network. All sorts of logs are generated by the various components of your network, and these can provide signals of intrusive activity. Centralize your log reporting and review it regularly.

Use NetFlow software. This tool allows you to monitor the volume of communication between various components of your network. Unusual volumes or categories of traffic can be an indicator of trouble.

Conduct penetration testing. Engage a third party to try to hack into your system so that weaknesses can be identified.

Generate regular reports for leadership. C-suite support clearly is necessary for a consistently strong security program. One of the best ways to generate that support is with metrics about intrusion attempts that demonstrate an ongoing threat.
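To make the NetFlow item above concrete, here is an added example (not from the original article) of how unusual volumes and new categories of traffic can be flagged. It assumes flow records have already been exported and summarized per hour; the record layout, addresses, threshold and function name are constructed for illustration.

```python
from collections import defaultdict
from statistics import median

# Constructed hourly flow summaries: (hour, src, dst, dst_port, bytes).
FLOWS = [
    (h, "10.0.1.15", "10.0.2.20", 443, b)
    for h, b in enumerate([52_000, 48_500, 50_200, 51_100, 49_800, 50_700])
] + [
    (h, "10.0.1.15", "10.0.3.5", 53, b)
    for h, b in enumerate([1_200, 1_150, 1_300, 1_250, 1_180, 1_220])
] + [
    (6, "10.0.1.15", "10.0.2.20", 443, 50_900),   # in line with its history
    (6, "10.0.1.15", "10.0.3.5", 53, 940_000),    # far above its history
    (6, "10.0.1.15", "10.0.9.77", 3389, 15_000),  # conversation never seen before
]

def flag_unusual(flows, current_hour, threshold=6.0, min_history=4):
    """Compare each src/dst/port conversation in current_hour with its own past."""
    # Sum bytes per conversation per hour so split flow records count once.
    totals = defaultdict(int)
    for hour, src, dst, port, nbytes in flows:
        totals[(src, dst, port), hour] += nbytes

    # Hours with no traffic are simply absent from history, not counted as zero.
    history = defaultdict(list)
    for (key, hour), nbytes in totals.items():
        if hour < current_hour:
            history[key].append(nbytes)

    alerts = []
    for (key, hour), nbytes in sorted(totals.items()):
        if hour != current_hour:
            continue
        past = history.get(key, [])
        if len(past) < min_history:
            # Too little history to judge volume: a new category of traffic.
            alerts.append((key, "new-or-rare", nbytes))
            continue
        base = median(past)
        # Median absolute deviation is robust to one-off bursts in the baseline.
        mad = median([abs(x - base) for x in past]) or 1
        if (nbytes - base) / mad > threshold:  # only upward spikes are flagged
            alerts.append((key, "volume-spike", nbytes))
    return alerts

if __name__ == "__main__":
    for key, reason, nbytes in flag_unusual(FLOWS, current_hour=6):
        print(reason, key, nbytes)
```

Counts of alerts like these per week are also the kind of metric the leadership reports mentioned above can draw on.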


Response

Create a response plan and update it regularly. Define how to evaluate the threat posed by an intrusion and specify responses.

Involve your legal and communications folks. If you fall victim to a significant data breach, you may need to take quick legal action. And how will you minimize damage to your company’s reputation? It is vital to have a strong communications plan that identifies information about the breach needed by various stakeholder groups.

Get to know relevant local law enforcement officials. The FBI and state and local police agencies can be invaluable sources of information and support. It’s best not to have to meet them for the first time when a breach occurs.

While it’s true that an ounce of prevention can be worth a pound of cure, that ounce alone is not enough when it comes to securing your data. A robust approach that also includes detection and response is what you need.