Abstract image of a woman sitting on books and studying on a laptop

Industrial Cyber Security: What is Application Whitelisting?

Download as PPTX, PDF
H
honeywellgf

Application whitelisting is a proactive cybersecurity approach that allows only known safe applications to execute, reducing the risk of malware and viruses. Unlike blacklisting, which reacts to newly identified threats, whitelisting helps prevent breaches by restricting unauthorized applications, addressing unique challenges in industrial control systems where safety and environmental risks are significant. The author, Rick Kaun, highlights the importance of thorough testing and scrutiny for whitelisting solutions within the industrial sector.

TechnologyBusiness
1 of 7
Downloaded 33 times
1
2
3
4
5
6
7
Industrial Cyber Security What is Application Whitelisting?
Industrial Cyber Security • Application Whitelisting is an emerging approach to combating viruses and malware • The basic concept is to create a list that permits only good known files to execute, rather than attempting to block malicious code and activity • First attempt to Whitelist approach is thru email management – eliminating spam and allowing delivery of messages only wanted 2
Industrial Cyber Security Whitelisting vs. Blacklisting • Blacklisting blocks or removes known harmful software • Blacklisting leaves a time gap between when new malware is detected and its inclusion in the latest security update • During this time gap, opportunity exists for breaches to take place. Malicious code exploit the vulnerability • With these increasing threats, Whitelisting provides additional defense 3
Industrial Cyber Security The Impact on the Control Systems Industry • Breaches to industrial cyber security can range from annoying to financially harmful and even approach levels of national security • For control systems, these exploitations can involve safety issues with the potential loss of life or damage to the environment • Risks represent solid reasons to white list. Whitelist application is designed to prevent unauthorized applications from running 4
Industrial Cyber Security The Impact on the Control Systems Industry • With industrial cyber security, whitelisting solutions must undergo same level of scrutiny that was used on anti- virus solutions • With industrial cyber security, the focus of Business IT is different. The CIA’s (confidentiality, integrity and availability) level of importance is reversed • Whitelisting was designed and architected for the enterprise environment, industrial control systems industry has to overcome unique challenges 5
Industrial Cyber Security The Impact on the Control Systems Industry • List of challenges applies not only to whitelisting but to most mechanisms deployed for industrial control systems • All industrial cyber security solutions must extensively test new technologies on core control systems 6
Industrial Cyber Security About the Author Rick Kaun is global industrial IT solutions business development lead at Honeywell Process Solutions, a pioneer in automation control for more than 35 years. For more information about Industrial Cyber Security Solutions, please visit https://www.honeywellprocess.com/en- US/explore/services/industrial-it- solutions/Pages/default.aspx today. 7

More Related Content

PPSX
Security policies
Nishant Pahad
 
PPT
Security policy
Dhani Ahmad
 
PPTX
Network security
Madhumithah Ilango
 
PPTX
Enterprise Security Architecture
Priyanka Aash
 
PDF
DLP Systems: Models, Architecture and Algorithms
Liwei Ren任力偉
 
PDF
5. Identity and Access Management
Sam Bowne
 
PPTX
Zero Trust
Boaz Shunami
 
PDF
11 palo alto user-id concepts
Mostafa El Lathy
 
Security policies
Nishant Pahad
 
Security policy
Dhani Ahmad
 
Network security
Madhumithah Ilango
 
Enterprise Security Architecture
Priyanka Aash
 
DLP Systems: Models, Architecture and Algorithms
Liwei Ren任力偉
 
5. Identity and Access Management
Sam Bowne
 
Zero Trust
Boaz Shunami
 
11 palo alto user-id concepts
Mostafa El Lathy
 

What's hot (20)

PPTX
Identity and Access Management (IAM)
Identacor
 
PPTX
Security Policies and Standards
primeteacher32
 
PDF
Access Control Presentation
Wajahat Rajab
 
PPTX
System security
sommerville-videos
 
PPTX
Security and privacy in cloud computing.pptx
TRSrinidi
 
PDF
Cloud security
BikashPokharel3
 
PDF
Enterprise Security Architecture for Cyber Security
The Open Group SA
 
PPTX
4_Session 1- Universal ZTNA.pptx
aungyekhant1
 
PPTX
Zero Trust Framework for Network Security​
AlgoSec
 
PDF
HITRUST 101: All the basics you need to know
➲ Stella Bridges
 
PDF
Types of Threat Actors and Attack Vectors
LearningwithRayYT
 
PPTX
SIEM - Your Complete IT Security Arsenal
ManageEngine EventLog Analyzer
 
PPT
Introduction to Cyber Security
Stephen Lahanas
 
PDF
Zero Trust Model Presentation
Gowdhaman Jothilingam
 
PPTX
Enterprise Security Architecture Design
Priyanka Aash
 
DOC
Cloud security
Mohamed Shalash
 
PPTX
CISSP - Chapter 4 - Network Topology
Karthikeyan Dhayalan
 
PDF
Identity & Access Management by K. K. Mookhey
Network Intelligence India
 
PPT
Information Security Policies and Standards
Directorate of Information Security | Ditjen Aptika
 
PDF
IDENTITY ACCESS MANAGEMENT
Prof. Jacques Folon (Ph.D)
 
Identity and Access Management (IAM)
Identacor
 
Security Policies and Standards
primeteacher32
 
Access Control Presentation
Wajahat Rajab
 
System security
sommerville-videos
 
Security and privacy in cloud computing.pptx
TRSrinidi
 
Cloud security
BikashPokharel3
 
Enterprise Security Architecture for Cyber Security
The Open Group SA
 
4_Session 1- Universal ZTNA.pptx
aungyekhant1
 
Zero Trust Framework for Network Security​
AlgoSec
 
HITRUST 101: All the basics you need to know
➲ Stella Bridges
 
Types of Threat Actors and Attack Vectors
LearningwithRayYT
 
SIEM - Your Complete IT Security Arsenal
ManageEngine EventLog Analyzer
 
Introduction to Cyber Security
Stephen Lahanas
 
Zero Trust Model Presentation
Gowdhaman Jothilingam
 
Enterprise Security Architecture Design
Priyanka Aash
 
Cloud security
Mohamed Shalash
 
CISSP - Chapter 4 - Network Topology
Karthikeyan Dhayalan
 
Identity & Access Management by K. K. Mookhey
Network Intelligence India
 
Information Security Policies and Standards
Directorate of Information Security | Ditjen Aptika
 
IDENTITY ACCESS MANAGEMENT
Prof. Jacques Folon (Ph.D)
 
Ad

Viewers also liked (20)

PDF
The Firewall Policy Hangover: Alleviating Security Management Migraines
AlgoSec
 
PPTX
Defense against botnets
Vaibhav Ahlawat
 
PPTX
Tune in for the Ultimate WAF Torture Test: Bots Attack!
Distil Networks
 
PPTX
Digital strategy - security
Nansje
 
DOCX
Funny miss la sen hand sketching
Miss La Sen house
 
PDF
ARC's Bob Mick Cyber Security Presentation @ ARC Industry Forum 2010
ARC Advisory Group
 
PDF
Cyber Security: Protecting Today's Mission Critical Public Safety Networks
LRKimball
 
PDF
PRESENTATION▶ Cyber Security Services (CSS): Security Simulation
Symantec
 
PDF
Cyber Warfare vs. Hacking (in English)
Digicomp Academy AG
 
PDF
Internet and Society: Internet Use And Digital Divide
James Stewart
 
PPTX
Cyber security , an Analysis of State Security in Sri Lanka
Evan Pathiratne
 
PPTX
Cyber Security Awareness Program
John Rocco
 
PDF
Cyber Security Awareness (Reduce Personal & Business Risk)
Gian Gentile
 
PDF
NACCTFO Cyber Security Presentation 2014 New Orleans
Maurice Dawson
 
PDF
Prensentasi indosat
Farhan Akbar
 
PDF
ISACA SLOVENIA CHAPTER October 2016 - Lubiana
Luca Moroni ✔✔
 
PDF
Greater China Cyber Threat Landscape - ISC 2016
Sergey Gordeychik
 
PDF
Cyber Security Strategies and Approaches
vngundi
 
PPTX
Cyber security awareness for end users
NetWatcher
 
PPT
Cyber security awareness training by cyber security infotech(csi)
Cyber Security Infotech
 
The Firewall Policy Hangover: Alleviating Security Management Migraines
AlgoSec
 
Defense against botnets
Vaibhav Ahlawat
 
Tune in for the Ultimate WAF Torture Test: Bots Attack!
Distil Networks
 
Digital strategy - security
Nansje
 
Funny miss la sen hand sketching
Miss La Sen house
 
ARC's Bob Mick Cyber Security Presentation @ ARC Industry Forum 2010
ARC Advisory Group
 
Cyber Security: Protecting Today's Mission Critical Public Safety Networks
LRKimball
 
PRESENTATION▶ Cyber Security Services (CSS): Security Simulation
Symantec
 
Cyber Warfare vs. Hacking (in English)
Digicomp Academy AG
 
Internet and Society: Internet Use And Digital Divide
James Stewart
 
Cyber security , an Analysis of State Security in Sri Lanka
Evan Pathiratne
 
Cyber Security Awareness Program
John Rocco
 
Cyber Security Awareness (Reduce Personal & Business Risk)
Gian Gentile
 
NACCTFO Cyber Security Presentation 2014 New Orleans
Maurice Dawson
 
Prensentasi indosat
Farhan Akbar
 
ISACA SLOVENIA CHAPTER October 2016 - Lubiana
Luca Moroni ✔✔
 
Greater China Cyber Threat Landscape - ISC 2016
Sergey Gordeychik
 
Cyber Security Strategies and Approaches
vngundi
 
Cyber security awareness for end users
NetWatcher
 
Cyber security awareness training by cyber security infotech(csi)
Cyber Security Infotech
 
Ad

Similar to Industrial Cyber Security: What is Application Whitelisting? (20)

PDF
Industrial Control Security USA Sacramento California Oct 13/14
James Nesbitt
 
PDF
Industrial Control Cyber Security Europe 2015
James Nesbitt
 
PDF
ICS_WhitePaper_Darktrace
Austin Eppstein
 
PDF
Darktrace white paper_ics_final
CMR WORLD TECH
 
PDF
Cyber war scenario what are the defenses
A. V. Rajabahadur
 
PDF
Cyber security colombo meetup
Eguardian Global Services
 
PPTX
Critical Infrastructure Security by Subodh Belgi
ClubHack
 
PDF
Conférence ENGIE ACSS 2018
African Cyber Security Summit
 
PDF
SMi Group's Oil & Gas Cyber Security conference & exhibition
Dale Butler
 
PDF
Ics white paper report 2017
Ir. Indin Hasan ST, MT, IPM, ASEAN Eng
 
PDF
2021. Top Cyber News MAGAZINE Daniel Ehrenreich October 2021
Dr. Ludmila Morozova-Buss
 
PDF
Top Cyber News Magazine Daniel Ehrenreich
TopCyberNewsMAGAZINE
 
PPTX
Process Whitelisting and Resource Access Control For ICS Computers, Kuniyasu ...
Digital Bond
 
PDF
Booz Allen Industrial Cybersecurity Threat Briefing
Booz Allen Hamilton
 
PPT
Control system including PLC cybersecurity
Dr.Maged Mikhail
 
PDF
Cyber Security: Differences between Industrial Control Systems and ICT Approach
Community Protection Forum
 
PDF
NetSpi Whitepaper: Hardening Critical Systems At Electrical Utilities
CoreTrace Corporation
 
PDF
Industrial Control Systems Security and Resiliency Practice and Theory Craig ...
tworkaireyl9
 
PPTX
InduSoft Speaks at Houston Infragard on February 17, 2015
AVEVA
 
PDF
CyCron 2016
Cruxcreative
 
Industrial Control Security USA Sacramento California Oct 13/14
James Nesbitt
 
Industrial Control Cyber Security Europe 2015
James Nesbitt
 
ICS_WhitePaper_Darktrace
Austin Eppstein
 
Darktrace white paper_ics_final
CMR WORLD TECH
 
Cyber war scenario what are the defenses
A. V. Rajabahadur
 
Cyber security colombo meetup
Eguardian Global Services
 
Critical Infrastructure Security by Subodh Belgi
ClubHack
 
Conférence ENGIE ACSS 2018
African Cyber Security Summit
 
SMi Group's Oil & Gas Cyber Security conference & exhibition
Dale Butler
 
Ics white paper report 2017
Ir. Indin Hasan ST, MT, IPM, ASEAN Eng
 
2021. Top Cyber News MAGAZINE Daniel Ehrenreich October 2021
Dr. Ludmila Morozova-Buss
 
Top Cyber News Magazine Daniel Ehrenreich
TopCyberNewsMAGAZINE
 
Process Whitelisting and Resource Access Control For ICS Computers, Kuniyasu ...
Digital Bond
 
Booz Allen Industrial Cybersecurity Threat Briefing
Booz Allen Hamilton
 
Control system including PLC cybersecurity
Dr.Maged Mikhail
 
Cyber Security: Differences between Industrial Control Systems and ICT Approach
Community Protection Forum
 
NetSpi Whitepaper: Hardening Critical Systems At Electrical Utilities
CoreTrace Corporation
 
Industrial Control Systems Security and Resiliency Practice and Theory Craig ...
tworkaireyl9
 
InduSoft Speaks at Houston Infragard on February 17, 2015
AVEVA
 
CyCron 2016
Cruxcreative
 

Recently uploaded (20)

PDF
giants, standing on the shoulders of - by Daniel Stenberg
Daniel Stenberg
 
PDF
A symptom-driven medical diagnosis support model based on machine learning te...
IAESIJAI
 
PPTX
MuleSoft-Compete-Deck for midddleware integrations
zupittejas
 
PDF
ment.tech-Siri Delay Opens AI Startup Opportunity in 2025.pdf
thomasnova26
 
PDF
Electrocardiogram sequences data analytics and classification using unsupervi...
IAESIJAI
 
PDF
LMS bot: enhanced learning management systems for improved student learning e...
IAESIJAI
 
PDF
Ensemble model-based arrhythmia classification with local interpretable model...
IAESIJAI
 
PPTX
Internet of Everything -Basic concepts details
sendilkumar66
 
PPTX
AI-driven Assurance Across Your End-to-end Network With ThousandEyes
ThousandEyes
 
PDF
NewMind AI Weekly Chronicles – August ’25 Week IV
NewMind AI
 
PDF
AI.gov: A Trojan Horse in the Age of Artificial Intelligence
Michael Weaver
 
PDF
Transform-Your-Factory-with-AI-Driven-Quality-Engineering.pdf
Kalilur Rahman
 
PDF
Connector Corner: Transform Unstructured Documents with Agentic Automation
DianaGray10
 
PDF
Accessing-Finance-in-Jordan-MENA 2024 2025.pdf
Mustafa Kuğu
 
PDF
Aug23rd - Mulesoft Community Workshop - Hyd, India.pdf
Ravi Tamada
 
PDF
CEH Module 2 Footprinting CEH V13, concepts
ammarhassan185568
 
PDF
Introduction to MCP and A2A Protocols: Enabling Agent Communication
Maxim Salnikov
 
PDF
Transform-Your-Streaming-Platform-with-AI-Driven-Quality-Engineering.pdf
Kalilur Rahman
 
PDF
IT-ITes Industry bjjbnkmkhkhknbmhkhmjhjkhj
yatharthjutt100311
 
PDF
Transform-Your-Supply-Chain-with-AI-Driven-Quality-Engineering.pdf
Kalilur Rahman
 
giants, standing on the shoulders of - by Daniel Stenberg
Daniel Stenberg
 
A symptom-driven medical diagnosis support model based on machine learning te...
IAESIJAI
 
MuleSoft-Compete-Deck for midddleware integrations
zupittejas
 
ment.tech-Siri Delay Opens AI Startup Opportunity in 2025.pdf
thomasnova26
 
Electrocardiogram sequences data analytics and classification using unsupervi...
IAESIJAI
 
LMS bot: enhanced learning management systems for improved student learning e...
IAESIJAI
 
Ensemble model-based arrhythmia classification with local interpretable model...
IAESIJAI
 
Internet of Everything -Basic concepts details
sendilkumar66
 
AI-driven Assurance Across Your End-to-end Network With ThousandEyes
ThousandEyes
 
NewMind AI Weekly Chronicles – August ’25 Week IV
NewMind AI
 
AI.gov: A Trojan Horse in the Age of Artificial Intelligence
Michael Weaver
 
Transform-Your-Factory-with-AI-Driven-Quality-Engineering.pdf
Kalilur Rahman
 
Connector Corner: Transform Unstructured Documents with Agentic Automation
DianaGray10
 
Accessing-Finance-in-Jordan-MENA 2024 2025.pdf
Mustafa Kuğu
 
Aug23rd - Mulesoft Community Workshop - Hyd, India.pdf
Ravi Tamada
 
CEH Module 2 Footprinting CEH V13, concepts
ammarhassan185568
 
Introduction to MCP and A2A Protocols: Enabling Agent Communication
Maxim Salnikov
 
Transform-Your-Streaming-Platform-with-AI-Driven-Quality-Engineering.pdf
Kalilur Rahman
 
IT-ITes Industry bjjbnkmkhkhknbmhkhmjhjkhj
yatharthjutt100311
 
Transform-Your-Supply-Chain-with-AI-Driven-Quality-Engineering.pdf
Kalilur Rahman
 

Industrial Cyber Security: What is Application Whitelisting?

  • 1. Industrial Cyber Security What is Application Whitelisting?
  • 2. Industrial Cyber Security • Application Whitelisting is an emerging approach to combating viruses and malware • The basic concept is to create a list that permits only good known files to execute, rather than attempting to block malicious code and activity • First attempt to Whitelist approach is thru email management – eliminating spam and allowing delivery of messages only wanted 2
  • 3. Industrial Cyber Security Whitelisting vs. Blacklisting • Blacklisting blocks or removes known harmful software • Blacklisting leaves a time gap between when new malware is detected and its inclusion in the latest security update • During this time gap, opportunity exists for breaches to take place. Malicious code exploit the vulnerability • With these increasing threats, Whitelisting provides additional defense 3
  • 4. Industrial Cyber Security The Impact on the Control Systems Industry • Breaches to industrial cyber security can range from annoying to financially harmful and even approach levels of national security • For control systems, these exploitations can involve safety issues with the potential loss of life or damage to the environment • Risks represent solid reasons to white list. Whitelist application is designed to prevent unauthorized applications from running 4
  • 5. Industrial Cyber Security The Impact on the Control Systems Industry • With industrial cyber security, whitelisting solutions must undergo same level of scrutiny that was used on anti- virus solutions • With industrial cyber security, the focus of Business IT is different. The CIA’s (confidentiality, integrity and availability) level of importance is reversed • Whitelisting was designed and architected for the enterprise environment, industrial control systems industry has to overcome unique challenges 5
  • 6. Industrial Cyber Security The Impact on the Control Systems Industry • List of challenges applies not only to whitelisting but to most mechanisms deployed for industrial control systems • All industrial cyber security solutions must extensively test new technologies on core control systems 6
  • 7. Industrial Cyber Security About the Author Rick Kaun is global industrial IT solutions business development lead at Honeywell Process Solutions, a pioneer in automation control for more than 35 years. For more information about Industrial Cyber Security Solutions, please visit https://www.honeywellprocess.com/en- US/explore/services/industrial-it- solutions/Pages/default.aspx today. 7