Develop a relationship with vendors with expertise on cyberattacks. It may be tempting to try to rely only on in-house resources and talent, both as a way to control costs and protect valuable information about your infrastructure, but many vendors and consulting companies have worked through multiple cyberattacks and have tremendous experience under their belts. Hiring one of these companies may well stop a cyberattacks before it does serious harm.
Using the security technology you have in place, understand what readings are important and what may well be just noise. In an effort to impress and appear complete, many software vendors monitor every little thing under the sun and spin up a multitude of readings that can mask or inadvertently dilute the notifications of serious problems. Use your technology wisely and understand what notifications refer to high-value targets so you can act earlier in the attack lifecycle.