Most breaches we investigate trace back to four missing controls: enforced MFA, off-site backups, automated patching and a runbook nobody has read since onboarding.
The four controls
- Enforce MFA on email, banking and admin panels.
- Daily off-site, encrypted backups with monthly restore tests.
- Automated OS and dependency patching.
- A one-page incident runbook with current phone numbers.