In order to best protect your network from a cyberattack, it is important to understand the "why" and "how" behind cybercrime.
A primary goal of a cybercriminal is financial gain, but it is not the only motivation. Nation-state attackers seek to disrupt foreign infrastructure or economic activity, while a hacktivist's attack objective is to disrupt the activities of an organization they believe is in opposition to their agenda.
Cybercriminals also breach networks to use them as crypto mining resources or to steal an organization's intellectual property.
Although motivations may differ, most attacks follow the same process. Attackers research their targets and use open-source intelligence (OSINT) tools to gather information about the organization. By weaponizing phishing emails or websites that employees often use, or by taking advantage of a known software vulnerability, hackers can infiltrate a network and install malware that avoids detection and gains control of the system.
The foundation of an effective defense against cyberattack is to foster a workplace culture of cybersecurity. This commitment to supporting cybersecurity measures should involve employees at all levels, from top executives to front-line workers. Employees are an important line of defense, and should be trained on secure password practices and how to recognize and report suspicious email or network activity.
Be sure to conduct regular reviews of your cybersecurity risk, approaching it with the mind of an attacker. Run OSINT on your organization to gain an understanding of how attackers might target you. Also, keep up to date on identified software vulnerabilities, installing patches when needed.
Source: Stu Sjouwerman, "What your organization looks like in the eyes of a cyber attacker," www.fastcompany.com (Jan. 26, 2022).