#How would you go about identifying signs of an impending cyber attack on an organization?


thick mango
#

If your organisation has a decent security setup, you will be able to see it when it starts, depending on the kind of attack.

#

But also, @placid goblet is a security genius.

fading plinth
#

Not an expert, but it is possible that you may first want to get a list of commonly employed attacks with known mitigation strategies, prioritise it by how vulnerable your org is to them, and start implementing mitigations.
If you already have reasons to expect an attack - you might want to notify employees in your company (warn them to check sender emails, not to open attachments from emails they are not 100% sure about, things like that).

thick mango
#

Yeah, in that setting you're only going to be able to strengthen their security. And honestly, that requires a lot of experience and expertise.

#

I guess a general phishing/social engineering awareness training could be a possibility.

fading plinth
#

Depending on what kind of infrastructure your org is using, and what kind of resources you expect to be attacked - there would be different priorities.
For example, if you only need to keep your org website available - you may want to put it behind something like Cloudflare (google "DDoS protection").

fading plinth
#

Oh, I do not know enough to add anything of value here. If I knew specifics about the org and the history of threats it faced, maybe I'd be able to add some (non-expert) ideas, but likely not of high quality, not from experience.