When it comes to the question “Which tool should be implemented first?”, there really is no quick and easy answer. Priorities vary from one company to another and depending on the identified risks and attack scenarios and the tools already in place, as well as the resources available.
However, for companies not knowing where to start, the following aspects that are often implicated in many attacks should be addressed:
- weak passwords;
- lack of multi-factor authentication;
- missing updates;
- poor network segmentation.