Listen to AustCyber’s podcast ‘OzCyber Unlocked’ here: https://bit.ly/3B4dTDc.
For many readers, allowlisting is a somewhat foreign concept. To break it down, allowlisting is antivirus flipped on its head: with antivirus, you try to detect what's bad and block it, whereas with allowlisting, you choose what you trust and block everything else. By doing this, you define the known good, and because everything else is blocked, you prevent a wide range of attacks, malware and ransomware, and you stop attackers from moving through your network, using their tools and running the code they need to achieve their objectives. In a nutshell, it's incredibly effective because no matter how much attackers modify their code, your system won't trust it.
David Cottingham is the Co-founder of Airlock Digital, an organisation stopping targeted attacks with Airlock Allowlisting. He says if you're defining what you trust, all potential hackers are blocked, meaning it's a proactive and effective way of safeguarding your business, which is why it's listed as an 'essential' within the Essential Eight.
“We are in a fortunate position to do something really simple - choose what we trust and block everything else. We don’t need to perform a lot of the things that a lot of other endpoint protection solutions need to do. Things like implementing machine learning to detect the bad, or trying to define everything that could possibly be harmful over the last 20 years - that list is simply too big,” Cottingham said. This approach hasn’t come without its own engineering challenges over the last few years, but it’s something Airlock Digital has a lot of expertise in, seven years into its journey.
“One thing that I’ve always thought about is a sector gap analysis in terms of the challenges facing Australian organisations. There are great reports out there but none that really articulate what the biggest challenges that defenders have inside organisations are. What’s taking up the most amount of time, what’s taking the most amount of budget, what’s the hardest thing about daily cyber security in trying to maintain it for Australian organisations, and the list goes on,” said Cottingham.
He believes a snapshot of these challenges, as the defender-side counterpart to reporting on the threat environment, would help startups and other companies that sell to businesses target the needs inside those organisations quite acutely.
Recently, the Essential Eight was updated to contain new standards. In the immediate term, Airlock's focus is on working with its customers to make sure they're achieving a high level of maturity in the Essential Eight controls using Airlock Digital's platform.
“We have a fantastic relationship with all of our customers. One thing that we can do at our current stage is take on feedback and implement it into the roadmap we have for the next few years in terms of blocking macros,” said Cottingham.
On the business side, Airlock Digital is focused on continuing its expansion into the North American market. “There are these standards over there such as the CMMC which has required a lot of US defense industry and that’s a big growth driver for us. Expanding our reach there and spreading the good word of Australian tech over in the US is a priority.”
Learn more about Airlock Digital and the Essential Eight in AustCyber’s podcast ‘OzCyber Unlocked’: https://bit.ly/3B4dTDc.