Guilty until proven innocent. That’s the way I like to think of one of the most effective elements of a cybersecurity strategy. The strategy is called whitelisting, which turns the traditional approach of blacklisting on its head. With blacklisting, known malicious entities are blocked, and everything else is allowed by default.