Kaden Koskovich
The protections that are “necessary” can vary depending on the specific type of company or the domain it operates in. However, the basics for any company would be firewalls, anti-virus, and intrusion detection software. For a company that works mainly online, the firewalls, anti-virus, and the intrusion detection software need to be a focus. These basic thing serve as the first line of defense against would-be hackers, and they serve to mitigate breaches in security that may lead to a loss of availability. For a company that is a bit more in-person, physical security along with employee training is a basic and necessary expense. Security guards, cameras, and even locks serve to protect against malicious intruders attempting to sabotage the company’s critical infrastructure. As for the employees, having the proper training will equip them to be able to properly handle the implementation of recovery procedures and bounce back from any loss in availability. To better recover from any attacks, cyber or physical, every company needs backups of almost everything: servers, data drives, hardware, personnel, etc. The back-up servers would help recover from overload attacks such as a DOS attack. When the servers are overloaded and shutdown, they can be easily switched to and restore availability.