Following a recent White House advisory urging all U.S. businesses to strengthen their cybersecurity posture, Dan Gunter, CEO of Insane Cyber, presents a practical breakdown of how to respond—immediately and effectively. The video prioritizes hands-on, no-cost or low-cost actions across three pillars of cybersecurity: prevention, detection, and response.
Start by figuring out which systems are mission-critical. Gunter suggests a simple (but unofficial) test: unplug the system—if the help desk is flooded with complaints, it’s likely essential. Gather input from business operators and long-standing employees to determine real-world dependencies.
Once you know your critical systems, check their health:
Are they patched and monitored?
Are logs and services configured correctly?
Are they exposed to the internet (e.g., via Shodan)?
Evaluate network trust zones:
Are firewall rules up-to-date?
Do foreign IPs have access?
Have third-party VPNs been reviewed?
This step is especially important in hybrid environments where traditional perimeter defenses are no longer sufficient.
You can’t detect what you don’t see. Ensure you’re:
Monitoring internal network segments (not just the edge)
Gathering enough data to perform meaningful incident response and threat hunting
Often, organizations have powerful detection tools that aren’t fully used. Audit your hardware/software to compare capabilities vs. configurations, then enable untapped detection features (e.g., logs, alerts, telemetry).
Run mock alerts to measure Mean Time to Detection (MTTD) and Mean Time to Response (MTTR). CrowdStrike and even Raspberry Pi asset tests can help assess how quickly alerts move through the pipeline and get reviewed.
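One way to score a mock-alert drill like the one described above (an added example, not code from the video or from Insane Cyber). The record fields, drill IDs and timestamps are constructed, and it assumes MTTD means injection-to-alert and MTTR means alert-to-analyst-review; drills that never alerted or were never reviewed are reported separately rather than silently dropped from the averages.

```python
from datetime import datetime
from statistics import mean

# Constructed drill records: when the mock event was injected, when the alert
# fired in the pipeline, and when an analyst reviewed it (None = never happened).
DRILLS = [
    {"id": "drill-01", "injected": "2025-01-06T09:00:00", "alerted": "2025-01-06T09:02:00", "reviewed": "2025-01-06T09:20:00"},
    {"id": "drill-02", "injected": "2025-01-06T10:00:00", "alerted": "2025-01-06T10:10:00", "reviewed": "2025-01-06T11:00:00"},
    {"id": "drill-03", "injected": "2025-01-06T11:00:00", "alerted": None, "reviewed": None},
    {"id": "drill-04", "injected": "2025-01-06T12:00:00", "alerted": "2025-01-06T12:06:00", "reviewed": None},
]

def _ts(value):
    """Parse an ISO 8601 timestamp, passing None through unchanged."""
    return datetime.fromisoformat(value) if value else None

def drill_metrics(drills):
    """Return MTTD/MTTR in minutes plus the drills that stalled at each stage."""
    detect, respond, missed, unreviewed = [], [], [], []
    for d in drills:
        injected, alerted, reviewed = _ts(d["injected"]), _ts(d["alerted"]), _ts(d["reviewed"])
        if alerted is None:
            missed.append(d["id"])        # visibility gap: no alert was raised
            continue
        if alerted < injected:
            raise ValueError(f"{d['id']}: alert precedes injection (clock skew?)")
        detect.append((alerted - injected).total_seconds() / 60)
        if reviewed is None:
            unreviewed.append(d["id"])    # alert fired but nobody looked at it
            continue
        respond.append((reviewed - alerted).total_seconds() / 60)
    return {
        "mttd_min": mean(detect) if detect else None,
        "mttr_min": mean(respond) if respond else None,
        "missed": missed,
        "unreviewed": unreviewed,
        "detection_rate": len(detect) / len(drills) if drills else None,
    }

if __name__ == "__main__":
    for key, value in drill_metrics(DRILLS).items():
        print(f"{key}: {value}")
```

The `missed` and `unreviewed` lists are the ones to act on first: a low MTTD computed only over the drills that were caught can hide a detection gap.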
Many organizations either don’t have a response plan or have one that’s outdated. Gunter urges you to:
Align the plan with your current infrastructure
Include third-party cloud providers
Train staff and run tabletop exercises
Know what to expect from the FBI, CISA, and vendor IR teams:
They are helpful—but busy
You must define expectations, data sharing boundaries, and legal considerations before an incident occurs
Use threat reports or public breach cases to simulate a real intrusion. Pull logs, trace indicators, and actually run through your IR playbook.
Threat hunting isn’t just for nation-state attacks. It’s a way to assess your prevention, detection, and response simultaneously. Even if you’re early in maturity, hunting helps you better understand your environment and sharpen your security posture.
Gunter recommends starting with manageable exercises and iterating regularly. Check out SANS’ white paper on threat hunting for in-depth guidance.
Cybersecurity readiness doesn’t always require a huge budget. By focusing on fundamentals—like understanding critical systems, verifying configurations, monitoring wisely, and preparing for response—any organization can make meaningful progress.
Practice, measure, and iterate. That’s the path to resilience.
To keep up with the latest in cybersecurity and forensic analysis, follow Insane Cyber and explore their research.