There isn’t an easy answer when it comes to protecting against and identifying cyber threats. The first step is to make sure you understand the basic types of cyber threats out there and start thinking about them regarding how they can impact your organization.
There are a few places to get started when it comes to protecting against cyber threats. First and foremost, is to make sure you understand the applications and data in your environment and the cost associated with downtime, data loss and data leaks.
If you have a disaster recovery plan in place, this is an excellent place to get started. After all, a cyber threat is a type of disaster. Be sure you have a good understanding of the Business Impact Analysis (BIA) that has been done in your organization. If no BIA has been done, this is an excellent place to get started.
After you understand how much these events cost, you can begin to put together solutions to protect against them. How much an incident will cost you will significantly impact your ability to mitigate security risks in your environment.
If an incident is a low impact in terms of cost, you will probably not be making a significant investment to protect that system. Likewise, if a system is deemed mission-critical and has a high price with an incident, you will preserve that system differently.