Harmful activity is expected to increase all the time and the threats do not only concern public sector organizations and their digital services, but also private sector. Ransomware and destructive attacks are often today. Also DDos attacks against Internet service are also common today.
Microsoft recommends raising and improving awareness of engineering tactics to protect your organization. Educate members of your technical team to watch out for and report any unusual contacts with colleagues. IT help desks should be hypervigilant about suspicious users and ensure that they are tracked and reported immediately. We recommend reviewing help desk policies for password resets for highly privileged users and executives to take social engineering into consideration.
Understand your risks and define a high-level plan for risk impact. Map technical risks and prioritize your actions based on recommendations: Protecting Exposed Environments (linkedin.com).