Embedded Allowlist Maximizes Productivity and Minimizes Risk

top-maintop-main
Embedded allowlist Maximizes Productivity and Minimizes Risk

Symphony Technology Group (STG) announced on January 19, 2022 the launch of Trellix, a new business delivering extended detection and response (XDR) to organizations with a focus on accelerating technology innovation through machine learning and automation. Trellix emerges from the previously announced merger of McAfee Enterprise and FireEye in October 2021.

 
Industry trends
As digitization progresses, it has become commonplace for industrial equipment platforms to shift to a combination of general-purpose devices and general-purpose OSs, and to be networked by general-purpose protocols. On the other hand, cyber-attacks are becoming more diverse, and industrial devices are increasingly targeted, leading to a trend toward mandatory security measures. PS6000 Series makes the next stage of your digital transformation with a reliability system.
Security risks of industrial equipment

Many recent cyberattacks include “ransomware attacks,” which encrypt a company’s critical data and demand a ransom to recover it, and “targeted attacks,” in which international hacker groups repeatedly attack specific companies to cause damage. Such attacks are increasingly impeding business continuity and disrupting nations.

The promotion of DX in all industries has increased the range of devices connected to networks, and thus the number of attack points, further contributing to the broad and deep impact of increasingly sophisticated cyberattacks on society and industry.

These attacks often take advantage of old PCs in companies, organizations and supply chains where cybersecurity has not been taken into account. They often target industrial equipment in factories, causing enormous damage to companies. Since it is especially difficult to control security measures for regular industrial equipment information systems, individual endpoint countermeasures are becoming more important.

Examples of malware intrusion
Removable devices
Industrial equipment provides frequent opportunities to exchange data (such as software upgrades, recipe data and log information) with removable media such as USB drives. There have been many cases of malware infiltration through removable devices that were not not thoroughly security checked.
Internal/external network
With the convergence of IT and OT accompanying the shift to smart factories, there have been cases of malware infiltrating OT from the IT side through internal lines. Industrial equipment without network functionality has also been compromised from external lines through points of contact with external networks via IoT and remote maintenance.
Operation and maintenance terminals
There have been cases of malware infiltrating industrial equipment through malware-infected operation and maintenance terminals brought in by business partners and other companies in the supply chain.
An inside job
There are confirmed cases of organization members cooperating with hacker groups to intentionally infect operating terminals with malware. When someone within the organization is involved, physical security measures and security policies can easily be breached.
Solution
PS6000 Series makes the next stage of your digital transformation with a reliability system.
Enhanced security with allowlist method
It ensures strong security by allowing only authorized applications to run.
No updates are required. You can use it easily even in a local environment.

Download the leaflet to learn more.

Related products