Build, maintain, and distribute secure software: While the Colonial Pipeline attack was enabled by the theft of a password, better software security is still the most effective defense against hackers. That means all the software that an organization builds or acquires from other vendors or from the open source community.
Back up data regularly: Also, keep backups offline and not connected to the network.
Update and patch: Failing to install an available patch for a known vulnerability is like leaving the door to a vault wide open.
Train workers: Most employees want to protect the organization’s assets. But if they fall for a phishing email, reuse passwords, or don’t create complex ones, that can trump the best technology in the world.
Limit access: The more employees with access to sensitive data, the greater the risk. Network segregation can limit access to only what employees need to do their jobs.