Here are some simple things that businesses can do to mitigate the risk of a cyber attack:

Breach readiness preparation

It is important to get your incident response capabilities prepared for the ‘when’, not ‘if’

Governance

Ensure that the cybersecurity strategy and organisation is in place

Frameworks

Develop benchmarks and conduct a gap-analysis

Threat modelling

Establish who your most likely adversaries are and how likely they are to attack

Physical penetration  testing

Do conduct physical penetration tests to establish how well the business is defended against the physical threat

Cyber exposure testing

Ensure that you fully understand the vulnerabilities that exist on your website, in your network

Digital footprint mapping

What information is out there about you? How could it be used to target you?

Phishing exercises

Conduct ethical phishing exercises to test your staff, raise awareness, and to educate your C-suite