Be proactive, not reactive: 5 steps to a cyber security prevention plan

James Healey, Managing Director at Air IT, explains the five main steps that a company should take in preventing a cyber attack.
Cyber security news, such as the Marriott hack in November, is dominating headlines, and becoming a serious headache for business leaders.
This article offers CTOs, businesses and tech leaders the advice and actionable information they need to implement a solid cyber prevention plan. And, make sure that their business is not tomorrow’s headline.
A new report has found that nearly two-thirds of respondents lack confidence in their organisations’ ability to prevent serious damage from a cyber attack.
As technology grows more sophisticated, so to do hackers as they constantly work on new threats and software. Only this month, hotel giant Marriott was found to have suffered one of the world’s biggest hacks ever reported following a string of security breaches, leading to the theft of data from its 500-million customer database.
Hackers are using valid credentials and connections to make it substantially more difficult for businesses to detect them. But at a time when we are increasingly relying on connected devices which store and utilise vast pools of valuable information, organisations must take the time to develop a sound security strategy to prevent their data from falling into the wrong hands.
Over 70% of all data breaches in SMEs are due to internal vulnerabilities, such as failure to follow policies and procedures and lack of expertise — 36% of these breaches are caused by misuse of data by employees. There has to be more done, and there must be a prevention plan in place, not a hasty reactive motion when an attack hits which may get rid of the current problem, but not prevent other, more advanced attacks. Prevention is better than cure — you take steps to prevent viruses and infections from your body, so why not your network?
1. Assess your current cyber hygiene
The UK Government backs an innovative scheme called Cyber Essentialswhich is designed to help all companies improve their cyber hygiene. It’s an essential requirement for any business bidding on government contracts, but it’s beneficial for any company, as it’s believed to reduce the risk of an attack by up to 80%. It results in a certification which demonstrates a commitment to protecting business and stakeholder data from threats – crucial for building customer trust. The scheme covers all essential controls such as firewalls, malware prevention and up-to-date software.
Businesses can self-assess, or go through a Cyber Essentials or Cyber Essentials Plus certifying body, which can manage the whole process from initial audit to actions needed, right through to completing your assessment and issuing your certificate. This gives the business a practical framework to measure itself against, and reassures customers that it takes security seriously as well as proving your commitment to good cyber security practices.
2. Good housekeeping
There’s no replacement for the basics. Updates and patching should be performed regularly — WannaCry, the ransomware that caused chaos across the world, exploited unpatched Windows systems to spread malware. Businesses should steer away from legacy systems like Windows XP, as these no longer receive updates and are especially vulnerable to attack.
Get in the habit of conducting regular routine maintenance and audits, and seek a service provider if necessary, which can use specialist software to block ransomware strains.
Other admin that businesses can do is limiting user privileges for employees, by making sure they only have access to the servers and drives that they need to complete work. For example, most staff do not need access to any HR files. Along with being a possible breach of GDPR standards, the more people that have access to personal information, the less chance you have of preventing the spread of an attack if you’re compromised.
3. Raise awareness, stay vigilant
Awareness should always underpin your prevention plan. SMEs are often targeted as the way in for financial attacks through phishing or impersonation with the aim to extract financial data or currency. This is often due to it being easier to take advantage of human behaviour to target specific individuals who may not have had the right training. Whether it’s lack of awareness or just lazy decisions, they need to be properly trained on the risks and repercussions, along with potential hacking tricks as the majority of malware still requires a human action to initiate it.
Build on their education, raise their awareness of cybercrime, and make sure that they stay vigilant. Signs like grammatical errors and email addresses that don’t match the sender are common signs of a malicious email, for example. Also, implement a mandatory strong password rule, and ensure that all employees have access to the incident response policy. No defence strategy is watertight, but with the right prevention methods in place, you can reduce the risk of the human factor.
4. Layered prevention approach
Proactive technology must be in place to help you to identify and mitigate threats. Managed security packages and dark web monitoring solutions can proactively monitor for threats and compromised user credentials so you can stop an attack before it happens or minimise the damage. By using human and artificial threat intelligence, monitoring services can find your vulnerabilities and any compromised or exposed credentials.
There are also business-grade security solutions that can help protect the network and users from would be attacks such as anti-virus, anti-spam and business grade firewalls. Businesses should always invest in a layered defence strategy, as the more comprehensive the set up is, the less chance an attack will succeed as it has to pass through the various layers.
Avoid free products and solutions which claim that they can keep malware off your PC. Windows Defender, for instance, doesn’t stop adware or Potentially Unwanted Programs (PUP) and doesn’t possess the accuracy and effectiveness that more sophisticated prevention tools do.
Paid-for prevention tools are a small price to pay for the reassurance of digital safety. The cost of a hack to a business would be much more than the cost of the prevention technology.
5. Better safe than sorry
While it’s important to be proactive, businesses need a recovery plan in place in the event of a disaster or any downtime. A staggering 60% of businesses that encounter an attack go out of business in their first year, because of attacks to their network and users. While the big dogs like the NHS, Sony and Equifax dominate the headlines when they suffer attacks, it’s the SMEs that are secretly suffering the worst due to factors such as the human element and not prioritising investments, as mentioned above.
Under GDPR legislation, you must have a plan in place to be able to restore data, whether it’s a cyber attack, file corruption or simple data loss, otherwise you risk non-compliance. IT continuity is the bread and butter of so many businesses, and you must make sure that you have a backup and business continuity plan to prepare, should the worst happen. Seek Disaster Recovery as a Service (DRaaS) to protect critical business data and get operational again after a disaster.
While there is not a simple, singular solution to combat hack attacks and deter criminals, a layered prevention plan is crucial. Follow these steps, and data misuse and abuse can be minimised, while still enabling your business to take advantage of the growing opportunities the internet can harness.
source informationage
Industry: Cyber Security News

Latest Jobs
-
- Account Manager - IT Services
- Germany
- €90000 plus OTE and Car
-
Are you a deal closer with a hunter mindset? Do you know how to uncover business pain points, and turn them into long-term digital transformation partnerships? Our Client are growing their sales force across Germany and looking for an ambitious, straight-talking Account Manager to take the lead on new client acquisition. You’ll focus on mid-sized to large enterprises across Germany helping to shape their digital future with tailored IT solutions in Workplace, Cloud, and Security. • Drive Growth: Own the full sales cycle for new business across your region. • Solution Sell: Build bespoke offers in Security, Digital Workplace and Cloud solutions • Build Relationships: Establish a solid pipeline through smart prospecting, marketing-driven leads, and your own network. • Represent a brand known for trust, delivery, and tech excellence—with 4,000 employees globally and a growing team within Germany. What You Bring • Proven new logo sales experience in the IT services space (not hardware!) • Deep knowledge in one or more of: Cybersecurity, Digital Workplace, or Cloud • Confidence to lead enterprise deals and pitch directly to senior stakeholders • Fluent German and good English skills Sind Sie ein Abschlussprofi mit Hunter-Mentalität? Wissen Sie, wie man geschäftliche Pain Points identifiziert und in langfristige Partnerschaften zur digitalen Transformation verwandelt? Unser Kunde baut derzeit sein Vertriebsteam in ganz Deutschland aus und sucht eine ambitionierte, ehrliche Persönlichkeit als Account Manager, die den Lead bei der Neukundengewinnung übernimmt. Ihr Fokus liegt auf mittelständischen bis großen Unternehmen in Deutschland, denen Sie mit maßgeschneiderten IT-Lösungen in den Bereichen Workplace, Cloud und Security den Weg in die digitale Zukunft ebnen. Ihre Aufgaben • Wachstum vorantreiben: Verantwortung für den gesamten Vertriebszyklus im Neugeschäft Ihrer Region. • Lösungsorientierter Vertrieb: Entwicklung individueller Angebote in den Bereichen Security, Digital Workplace und Cloud-Lösungen. • Beziehungen aufbauen: Aufbau einer stabilen Pipeline durch gezielte Ansprache, marketinggenerierte Leads und Ihr eigenes Netzwerk. • Marke repräsentieren: Werden Sie Teil eines Unternehmens mit 4.000 Mitarbeitenden weltweit und einem stark wachsenden Team in Deutschland – bekannt für Vertrauen, Verlässlichkeit und technologische Exzellenz. Was Sie mitbringen • Nachgewiesene Erfahrung in der Neukundenakquise im Bereich IT-Services (kein Hardwarevertrieb!) • Fundiertes Wissen in mindestens einem der Bereiche: Cybersecurity, Digital Workplace oder Cloud • Selbstbewusstes Auftreten im Umgang mit Enterprise-Deals und Entscheidungsträgern auf Top-Level • Verhandlungssichere Deutschkenntnisse und gute Englischkenntnisse
-
- Senior SOC Analyst Level 3. Microsoft Security stack | Ability to achieve SC Clearance
- London
- To attract the right person
-
Job Title: Senior SOC Analyst Level 3. Microsoft Security stack | Ability to achieve SC Clearance Location: Hybrid remote | London / Berkshire Overview: Senior SOC Analyst Level 3 to join a specialist Managed Security Services business. You will be responsible for advanced threat hunting / triage, incident response etc with a strong focus on the Microsoft Security Stack. Key Responsibilities: Lead and resolve complex security incidents / escalations Conduct advanced threat hunting using the Microsoft Security Stack. Build, optimise and maintain workbooks, rules, analytics etc. Correlate data across Microsoft 365 Defender, Azure Defender and Sentinel. Perform root cause analysis and post-incident reporting. Aid in mentoring and upskilling Level 1 and 2 SOC analysts. Required Skills & Experience: The ability to achieve UK Security Clearance (SC) – existing clearance ideal. (Sorry no visa applications) Current experience working with a SOC environment Microsoft Sentinel: Development and tuning of custom analytic rules. Workbook creation and dashboarding. Automation using Playbooks and SOAR integration. Kusto Query Language (KQL): Writing complex, efficient queries for advanced threat hunting and detection. Correlating data across key tables (e.g., SignInLogs, SecurityEvent, OfficeActivity, DeviceEvents). Developing custom detection rules, optimising performance, and reducing false positives. Supporting Sentinel Workbooks, Alerts, and Playbooks through advanced KQL use. Deep understanding of incident response, threat intelligence and adversary techniques (MITRE ATT&CK framework). Strong knowledge of cloud and hybrid security, particularly within Azure. Additional Requirements: Must hold or be eligible to achieve a minimum of Security Clearance (SC) level. Nice to have certifications (e.g., SC-200, AZ-500, GIAC) are desirable. Strong problem-solving and analytical skills. Excellent communication for clear documentation and team collaboration. Please follow Wheaton’s Law.
-
- New Business Sales Hunter | Cyber Security (UK Based)
- London
- To attract the right person
-
New Business Sales Hunter needed | Cybersecurity (UK Based) Are you looking for uncapped commission, a fun and sociable team that drives success with no politics? If so...You must Be UK based - and able to achieve UK SC clearance. (sorry no visas) Have a demonstrable history of sales success in Cyber Security Follow Weatons law. The role: Seeking a proven New Business Sales Hunter to join an established, successful and expanding cyber security firm. New business focused - £1m GP year one target (ramped). Sell a blend of security services & professional services. Ideal experience selling some or all of the following Cyber strategy & risk management Managed detection & response (MDR) Penetration testing Compliance & audit support You: Strong cybersecurity/IT services sales track record. Confident selling into mid-market & enterprise. UK based - London commutable 1x per week. Hunter mindset, full sales cycle ownership. Don't just send an email to apply give me a call on 07884666351
-
- CyberArk Architect
- London
- Upto £110,000 plus bonus and benefits
-
Are you ready to lead from the front and drive innovation in the Identity & Access Management (IAM) space? We’re looking for a seasoned CyberArk Architect who has CDE-CPC ideally or experience with privilege Cloud, someone who can lead with vision, execute with precision, and inspire teams to deliver excellence. As a key leader in our organisation, you’ll bring your strong business acumen and a technology-focused, innovative mindset to the table. You’ll be driving strategic initiatives, shaping transformation programs, and empowering teams to think big and deliver even bigger. Acting as a subject matter expert in CyberArk Leading strategic transformations in: Identity Governance Privileged Access Management (PAM) Access Management Customer Identity and Access Management (CIAM) Building and maintaining strong, collaborative relationships within the team Communicating clearly and confidently — both written and verbal — to deliver updates, raise potential issues, and share insights If you are interested in the above position we are looking for people with: deep expertise and a successful track record in IAM strategy, delivery, or assurance with CyberArk Hold relevant certifications such as CDE in Privileged Cloud or Guardian Have experience in a client-facing role (preferred, but not essential) Thrive in a hybrid working environment and are available to work from our or client London office three days a week Lead with clarity, communicate with impact, and adapt quickly to changing priorities