Make Your Company's Network a Less Inviting Target
The problem is it's almost impossible to make an impregnable network that's also attached to the Internet. The only way to be certain it can't be breached is to disconnect the Internet, put your servers in a vault and station a squad of Marines around it. And that will only work if one of the hackers isn't also one of the Marines. And that's one of the basic problems that lead to data breaches. You can't always trust your employees. Employees have nasty habits of writing down their passwords, making copies of sensitive data so they don't have to deal with the encryption software, and attaching unprotected WiFi APs to your network so they don't have to deal with that annoying Ethernet cable. And sometimes the employees are working with the attackers to breach your defenses, as happened with the WikiLeaks case last year.
But most important, you have to be willing to invest in your staff. This means you don't just give your IT people a shiny new firewall and tell them to implement it; you need to pay for training and probably for ongoing support so that the security hardware, software and procedures in your company stay up-to-date.
You also have to realize that no security system is perfect. But if you make it hard enough to break in, then the hackers will attack some other company. If you also make sure that you have nothing that they can breach easily, you will decrease the interest in an attack on your company. But it takes constant training and constant vigilance. In a way, the best news to come out of the arrests of Anonymous and LulzSec is if it has prompted your company to pay closer attention to network security. Being lulled into a sense of complacency is perhaps the best way to help the people that would attack your network. Staying on top of your security will help ensure that you're not an inviting target for the next attack.
So what do you do? The bottom line is that you need to invest wisely in security. This means that you get the firewalls that you actually need and you pay to train the person who has to configure and run the device. You encrypt your data; you take steps to limit access to data to specific people; you track what they do; and you set your rules on internal and external firewalls to prevent the movement of such data.