@BasedLunatic The weakest link in a company security is always a human. Why try to get into their infra from the outside, when some dumbass will open a zip file with a vbs script. AV won't save you against something custom anyway. At best it will figure out something isn't right after the infection.

>implement an awareness and training program
aka. The hackers are big scary program. Sure, your employees will know what a cybercriminal is, think he's probably wearing a hoodie all day sitting in front of a computer with the matrix scroll. But some retard will still click on a link even when told not do so, even if you set Exchange to mark external incoming emails with [EXTERNAL] in the subject and inject a warning into the body.

Bbbut, since implementing a training program, our phishing tests have gone down by 30% from 50%. Which literally means, half of your company will still get you infected, if something malicious lands in their inbox.

>consider disabling Ransomware Deployment Protocol

>change password regularly
aka. I'll add some number to the end of my password, because the IT retards keep wanting me to change it every 2 months.