More often, I tend to see correlations between my business world and things in everyday life. To be fair, cyber security – the main focus of my business – is part of all of our lives on almost a daily basis. Whether it’s news about the latest threat or more advice on how to protect ourselves, it is a topic that is prominent. The correlations are more around how elements of cyber security can be relatable to others. Though we hear about cyber security often, it can be difficult to understand the nuances.
The latest correlation I experienced was in relation to basic access control mechanisms called blacklisting and whitelisting. In blacklisting, everyone has access except for members on the blacklist of who are denied access. On the contrast, with whitelisting everyone is denied except for the members on the whitelist.
How does this relate to everyday life? I was in the airport and heading towards security when I thought about the blacklist/whitelist correlation. Most of us are certainly familiar with the security line. We stand in line waiting for our credentials to be checked to see if we are on the no-fly list (aka the blacklist). If we are, access to boarding the plan is denied. On the other hand, some people all but bypass the long wait in the security lines as they have access to the TSA pre-check or CLEAR lines. This is due to the fact that they have already gone through the process of getting pre-qualified to fly (aka the whitelist).
Both methods of security checks are valid and have a purpose to keep us all safer as we fly. When it comes to cyber security, both methods also have a place to help protect the industrial control systems and the assets they control. The most important element is knowing when to apply the techniques.
Applying blacklisting techniques is quite common. Antivirus and anti-malware software is used to block bad actors. However application whitelisting is a more nuanced method that requires collaboration with security solution vendors to calibrate deployments based on baseline settings. This upfront time commitment results in a stronger layer of protection for servers from malware and zero-day attacks.
Learn more about how application whitelisting is an effective strategy in any cyber security program in a recent article published in Control Engineering here.