“Guilty until proven innocent,” writes Maxwell Alles in a Forbes article this week. That’s the way he likes to think of one of the most effective elements of a cybersecurity strategy.
The strategy is called whitelisting, which turns the traditional approach of blacklisting on its head, according to Alles. With blacklisting, known malicious entities are blocked, and everything else is allowed by default. With whitelisting, only pre-approved software, applications and IP addresses can access a network. Everything else is barred. It’s like having a bouncer at your door, and only those on the VIP list can enter.
A recent Cybercrime Magazine article predicts that global cybercrime costs will increase by 15 percent annually, reaching $10.5 trillion by 2025. Alles thinks this truly puts the issue in perspective, highlighting the growing need for whitelisting. By only permitting known and trusted software to run, companies stop malware, ransomware and other threats dead in their tracks. If only vetted programs are allowed, unwanted guests don’t get a look-in.
Read the Full Story