Kevin Gosschalk, CEO at Arkose Labs: Start by ensuring your organization doesn’t have any easily solved vulnerabilities. This is where things like bug-bounty programs come into play because they are really good at finding the low-hanging fruit.
The goal is to make it more expensive for attackers by moving the attack surface as far out to the perimeter as possible, making it more expensive for attackers to go after your company. Raising the bar of entry requires your firewalls are properly configured and staff are following policies around email and other user behaviors.