Industrial Cyber Security
What is Application Whitelisting?
Industrial Cyber Security • Application Whitelisting is an emerging approach to combating viruses and malware • The basic concept is to create a list that permits only good known files to execute, rather than attempting to block malicious code and activity • First attempt to Whitelist approach is thru email management – eliminating spam and allowing delivery of messages only wanted
Industrial Cyber Security Whitelisting vs. Blacklisting • Blacklisting blocks or removes known harmful software • Blacklisting leaves a time gap between when new malware is detected and its inclusion in the latest security update • During this time gap, opportunity exists for breaches to take place. Malicious code exploit the vulnerability • With these increasing threats, Whitelisting provides additional defense 3
Industrial Cyber Security The Impact on the Control Systems Industry â€˘ Breaches to industrial cyber security can range from annoying to financially harmful and even approach levels of national security â€˘ For control systems, these exploitations can involve safety issues with the potential loss of life or damage to the environment â€˘ Risks represent solid reasons to white list. Whitelist application is designed to prevent unauthorized applications from running
Industrial Cyber Security The Impact on the Control Systems Industry • With industrial cyber security, whitelisting solutions must undergo same level of scrutiny that was used on antivirus solutions • With industrial cyber security, the focus of Business IT is different. The CIA’s (confidentiality, integrity and availability) level of importance is reversed • Whitelisting was designed and architected for the enterprise environment, industrial control systems industry has to overcome unique challenges
Industrial Cyber Security The Impact on the Control Systems Industry â€˘ List of challenges applies not only to whitelisting but to most mechanisms deployed for industrial control systems â€˘ All industrial cyber security solutions must extensively test new technologies on core control systems
Industrial Cyber Security About the Author Rick Kaun is global industrial IT solutions business development lead at Honeywell Process Solutions, a pioneer in automation control for more than 35 years. For more information about Industrial Cyber Security Solutions, please visit https://www.honeywellprocess.com/enUS/explore/services/industrial-itsolutions/Pages/default.aspx today.