Recovery
We all talk of good backups but that only gets you access back to your data, it doesn't mitigate, in the least, the leak of the possibly-sensitive documents that have occurred from the theft.
It's easy to talk about hardening hardware, software and wetware but, especially in the wetware department, exactly how are you going to do that both productively and efficiently? Getting hundreds or thousands of humans on board regarding good operational practices, and maintaining those good practices across time, is known to be practically impossible - people will fall back to their old habits, especially if the new habits involve any additional level of labor on their part.
So the best you can do is create automated systems (anti-malware, etc) in the hopes of keeping the users safe from their own actions. But this isn't foolproof - nothing is. Even hardening those servers, networks, firewalls, air gaps and backups. This stuff is still bound to happen unless, IMHO, we make the criminals pay so heavily, make these actions state-level crimes with penalties at the level of "You'll never see daylight again", that the scum think twice of even attempting it. And actually putting in the effort to enforce that threat.
Biting the hand that feeds IT
