For Better ICS Security, Reduce Your Attack Surface
- Application whitelisting and proper configuration and patch management reduces the attack surface and helps keep control systems more secure.
- Analyze potential attack vectors to reduce your environment’s overall attack surface and make it much more challenging for attackers to compromise your ICS systems.
“AWL can detect and prevent attempted execution of malware uploaded by adversaries.”
Ayo Folorunso Agunbiade is a security analyst for industrial control systems and SCADA security at SaskEnergy in Canada. When considering high-level ICS security priorities, Agunbiade recommends that CISOs take these three steps to protect the plant’s OT/ICS environment against cyber attacks:
– Implement application whitelisting. “Application Whitelisting (AWL) can detect and prevent attempted execution of malware uploaded by adversaries,” Agunbiade says. It helps prevent industrial cyber attacks by denying any applications that are previously approved as non-malicious. Rather than simply blocking malicious code after the fact, AWL only permits trusted and known files to execute. By putting AWL in place and reducing the attack surface, security organizations are sure that the applications operating in their environment are fully vetted and authorized.