Once they gain unauthorized access, attackers can hide their presence and cover their tracks, and wait patiently “just for the right time” to further penetrate systems. “Some groups sit for weeks to map the business, ensuring maximum disruption,” he said.
Enterprises need a multi-layered approach
Enterprises must adopt a robust, multi-layered approach to security controls, response, and cyber hygiene, and embrace zero trust where access is “isolated, monitored, and revocable,” said Avakian. Map ERP, logistics, warehouse, and other business-critical systems, he advised, and apply safeguards like micro-segmentation, privileged user management (PAM), and multi-factor authentication (MFA).
An “assume breach” mindset is critical; this means conducting regular tabletop exercises, continuous monitoring, and threat hunting. Resilience also means reviewing incident response plans and playbooks, and employing air-gapped backups, said Avakian.