If money was no object, I would hire 15,000 IT Security personal to develop a plan and implement it accordingly. If it were just me, I'd use basic security practices (long passwords, keep software updated, etc), use certificates for any logins, and use 2-factor Auth (Yubikey, Duo Security). I'm sure I'm missing other important stuffs.