A company's security monitoring tools have flagged an escalating trend in unauthorized attempts targeting employee accounts on the corporate portal. Which countermeasure should be considered first by the security analyst to counteract this activity?
Increase the logging level of the portal access logs.
Renew all SSL certificates used by the company.
Implement a lockout policy.
Conduct a comprehensive network vulnerability scan.