Once you’ve identified what you have, you need to protect it. The most successful approach entails layering defenses, also referred to as 'defense in depth'. The motivation is this: no defense is perfect and using multiple types of protection from different vendors increases your odds of blocking an attack or malware.

Another key aspect of Protect is regular maintenance. Since most attacks take advantage of some flaw in the software (a bug) and many attacks we see leverage outdated flaws, you can protect yourself by simply updating your software (patching). But you need to do it diligently and frequently.

Finally, train your people. It is common for attacks to focus on the human factor rather than the technological. Regular cybersecurity training and phishing simulations will train your team to be vigilant and develop cybersecure habits.

Understanding that the two greatest attack vectors are web and email, we recommend the following approach:

Use a Next Generation Firewall to inspect all web traffic (encrypted and unencrypted).

Talk to us about our Firewall-as-a-Service offering to get the firewall you need today

Inspect all emails for known and unknown malware before they even show up in your mailbox.

Talk to us about our Advanced Email Security gateway and we will explain why using multiple sandboxes is important

Deploy a Next Generation Antimalware agent to all your devices. This is your last line of defense and you should make sure you use the right one.

Talk to us about our End Point Protection (EPP) approach and start your free trial today

Make sure anyone that touches your data is getting at least yearly cybersecurity awareness training and performs regular phishing simulations to help them develop cybersecure habits.

Talk to us about our education platform and phishing simulation tools

You can find more information about the Protect Phase of the Five Functions of NIST here.