Your security strategy should be created with two methods in mind:
A proactive strategy: Make certain you get ahead of the threats with the proper tools and policies, covering physical security, policy and governance, and the assets that protect your assets (antivirus and anti-malware, firewalls, intrusion detection and prevention solutions).
Identify what is most crucial and the risk associated with different types of information/data. Determine how an attack might impact your systems. Your strategy might be different for various types of information, such as personnel information, banking/credit card data, or critical business transactional databases that can’t be down under any circumstances.
Identify incident response steps and resources: A key part of being proactively prepared is to have a contingency plan. Create an incident response matrix and define teams. Build solid, tested/validated and documented backup plans. Back up crucial configurations as often as is appropriate for the device/data on a system or network device. Test the restore capabilities too. You want to know how long you may have to deal with a recovery process. Management will want to know, or should want to know, what to expect.
The second method is the reaction to the attack: pull out the contingency plan. Start with the assessment, look for the root cause, and apply the designed recovery steps built into your proactive plan. Again, you want to have a sense of how long a recovery back to normalcy may take.