Answer: Routine Vulnerability Scanning
Explanation: This sounds like a multiple choice question, and you haven't provided the choices, which makes this a little tougher. With that said, it sounds like this company was exploited by a vulnerability they did not know they had. The most effective way of preventing this is by incorporating vulnerability scanning into your routine security operations. Tools like Tenable Nessus, for example, can be configured to check many types of devices for outstanding vulnerabilites (CVE's, for example). Using tools like this, a company can keep an inventory of outstanding vulnerabilites, and choose to outright patch/fix them, or mitigate them to an acceptable level of risk. That way, most of your exploited, unknown vulnerabilites going forward will be mainly your Zero Days or something you were unable to remediate.