Hackers, whether they are cyber criminals trying to trick you into clicking a ransomware download link, or whether they are nation state intelligence operatives planning to gain access to your infrastructure, can improve their odds massively through proper target reconnaissance prior to any form of offensive engagement. Learn how you can review your footprint and make your organization harder to hack.
Cybehave has an interesting post on OSINT and footprinting, and what approach companies can take to reduce the risk from this type of attack surface mapping: https://cybehave.no/2019/03/05/digital-footprint-how-can-you-defend-against-osint/ (disclaimer: written by me and I own 25% of this company).
tl;dr – straight to the to-do list
- Don’t publish information with no business benefit and that will make you more vulnerable
- Patch your vulnerabilities – both on the people and tech levels
- Build a friendly environment for your people. Don’t let them struggle with issues alone.
- Prepare for the worst (you can still hope for he best)