A company's security monitoring tools have flagged an escalating trend in unauthorized attempts targeting employee accounts on the corporate portal. Which countermeasure should be considered first by the security analyst to counteract this activity?
Conduct a comprehensive network vulnerability scan.
Renew all SSL certificates used by the company.
Increase the logging level of the portal access logs.
Implement a lockout policy.