Recognize what can go wrong and have a plan for it.
Assume there are active threats, what do you need to protect now?
What are the immediate risks?
Verify the information, making sure you authenticate the source.
Build layers and engage a threat at the outermost one.
Always attack first.
Simplify security. Know your environment and apply the fundamentals.