Blockchain Can Help Fix Cybersecurity

Uploaded on 2018-10-24 in TECHNOLOGY-Key Areas-Blockchain, NEWS-News Analysis, FREE TO VIEW, TECHNOLOGY--Developments

Cybersecurity is a problem. The more people that jump on the web and the more sophisticated the technology, the bigger the cybercrime industry becomes. In fact, DDoS attacks, hacks, Malware, and data breaches cost the global economy around $450 Billion every year.

Cybersecurity professionals are caught in an exhausting game of whack-a-mole, trying to catch their breath. Yet with existing centralised infrastructure and sometimes outdated systems, no matter how robust a company’s firewall, it’s still vulnerable to attack.

Worldpay VP and Head of Global Cyber Defense & Security Strategy, Peter Tran, says that the days of endpoint, reactive tactics are coming to an end. “Build a higher firewall?” he remarks, “The attacker will just use a longer ladder to get over or around it.”

If you’ve ever travelled to a country not big on accepting plastic, you’ll know the uncomfortable feeling of walking around with wads of cash in your pocket. If all your money is on you everywhere you go, it only takes one unfortunate incident before everything is lost for good.

To rub even more salt into the wounds, there simply aren’t enough cybersecurity professionals to go around. Unemployment in the industry is almost zero, and, with the growth of blockchain and AI technologies, a talent gap wider than the Gibraltar Strait is beginning to appear.

Professionals are scrambling to get up to speed and front the challenges of emerging tech head-on before the criminals do. But even so, by 2020, research predicts that there will be almost 2 million cybersecurity positions vacant, with companies unable to fill them.

Blockchain and Cybersecurity
While it may not be the silver bullet to cybersecurity’s problems, blockchain has great potential to help solve some of the many challenges the industry faces. And it’s not just potential that blockchain shows; real use cases are starting to prove their worth, with some pretty awesome projects happening right now. Let’s take a closer look

Decentralised Storage
When all the data is no longer housed in one place that’s open to attack, a full-scale attack becomes much harder to coordinate. Says Nick Spanos founder of the Bitcoin Centre, “In cybersecurity, having all the passwords in one central location is a good way to get your clients’ identities and passwords stolen, to where the hackers can then access everything on every site. With blockchain, the user controls their private key. By using crypto-graphic signatures, they will be able to sign transactions and messages, without being exposed to central servers.”

In fact, there are plenty of companies taking advantage of blockchain’s decentralised nature, and one at the forefront is Edge. Their ethos is simple, yet effective, empowering users to take control of their own data.

Edge believes that all information should be housed on the “edge” of a network and not stored in one centralized location. Rather like separating your travel money, saving some at the hotel, a little more in your bank, another stash in a secret place, and perhaps some with your travelling companion, Edge works in this way with your data. Instead of having to rely on enterprise server security, the data is encrypted from your device before it gets anywhere near a server or network.

Fraud Prevention
Another of blockchain’s many touted qualities is its immutability. While that aspect has been challenged on several occasions, the use of sequential hashing and cryptography still makes it a front-runner as the most secure technology we have. Blockchain tech is very good at fraud prevention and a particular fit with organisations that handle sensitive data. Since all transactions are time-stamped and recorded in a block linked to another block, they can’t be tampered with without altering the entire chain. A feat almost impossible to achieve.

Guardtime is a data security company that’s currently using blockchain technology to keep sensitive records secure. Its Keyless Signature Infrastructure (KSI) allows clients across multiple verticals, including defence and medicine, to keep classified data safe, and the latest company to join their client list is telecommunications giant Verizon.

Multi-Factor Authentication
Multi-factor authentication can help to eliminate the softest target for cybercriminals, which is easily hackable passwords. Gemalto manages digital identities and interactions through blockchain and multi-factor authentication, providing solutions such as VPN 2FA authentication, software OTP authenticators, and Hardware-based OTP authenticators. Exchanges are using this type of technology more and more in the hope of preventing attacks on them, like that of Bitfinex that lost around $60 million to cyber thieves.

According to Scott Schober, Author of Hacked Again and CEO of BVS Systems, humans are the biggest threat to cybersecurity. By “improving our cyber hygiene” and not getting lax with passwords and security, measures like 2FA can help halt hackers in their tracks.

IoT Security
IoT and its devices have been the root cause of many a high-profile hacking scandal. Just thinking about cases of medical equipment being hijacked and controlled by hackers and car losing control over their entire fleet of vehicles is enough to send alarm bells ringing. IoT is still vastly insecure and it’s another area in which blockchain is proving to be useful. Household names like IBM are using blockchain with their Watson IoT platform to allow devices to transmit data to secure blockchain ledgers. Rather than floating around in cyberspace or being held in one central location waiting to be attacked, the data is stored in tamper-resistant blocks and validated with secure smart contracts.

Australian communications company, Telstra, is also employing blockchain to secure their smart home IoT ecosystems, thanks to its ability to verify data. Blockchain can detect whether the biometric authentication data is legitimate and ensure the smart home stays secure.

Final Thoughts
Not everyone is leaping for joy at the capabilities of blockchain technology, citing other existing or emerging solutions as being more appropriate. Tran, for example, remains cautious, believing blockchain needs more time to mature, or that perhaps blockchain combined with AI may be a more effective path forward.

There is certainly no shortage of possibilities. But beyond the continued hypothetical talk and the projects awaiting funds, these blockchain-powered cybersecurity solutions are happening now. And they’re showing real promise.

Digitex

You Might Also Read: 

It's Time To Embrace Blockchain Technology:

 

« Tackling UK Cyber Crime
Blockchain - The Netherlands Is Blazing A Trail »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

National Centre of Incident Readiness & Strategy for Cybersecurity (NISC) - Japan

National Centre of Incident Readiness & Strategy for Cybersecurity (NISC) - Japan

NISC was established as a secretariat of the Cybersecurity Strategy Headquarters in collaboration with the public and private sectors to create a "free, fair and secure cyberspace" in Japan.

Basis Technology

Basis Technology

Basis Technology provides software solutions for text analytics, information retrieval, digital forensics, and identity resolution.

MadSec Security

MadSec Security

MadSec Security is a leading consulting company whose expertise are information and cyber security.

OneSpan

OneSpan

OneSpan (formerly Vasco Data Security) is a global leader in digital identity security, transaction security and business productivity.

Kryptus

Kryptus

Kryptus provides a wide array of solutions for hardware, firmware and software ranging from semiconductors to complex digital certificate management systems.

Digittrade

Digittrade

Digittrade develop and produce external encrypted hard disks and secure communications apps.

National Cybersecurity Student Association (NCSA)

National Cybersecurity Student Association (NCSA)

The National Cybersecurity Student Association is a one-stop-shop to enhance the educational and professional development of cybersecurity students through activities, networking and collaboration.

Attack Research

Attack Research

We go far beyond standard tools and scripted tests. Find out if your network or technology can stand real-world and dedicated attackers.

Paladin Capital Group

Paladin Capital Group

Paladin is a leading global investor that supports and grows the world’s most innovative cyber companies.

Sevatec

Sevatec

Sevatec’s Active Cyber Defense (ACD) methodology proactively defends against adversarial kills chain, addressing active and emerging threats while reducing program vulnerabilities and risks.

ThriveDX

ThriveDX

ThriveDX, the world’s premier EdTech provider (formerly HackerU), champions digital transformation training as a means of empowering individuals to thrive in the age of digital disruption.

HacWare

HacWare

HacWare is a data driven cybersecurity awareness product that leverages machine learning and behavior analytics help IT professionals combat phishing.

Wolverhampton Cyber Research Institute (WCRI)

Wolverhampton Cyber Research Institute (WCRI)

Wolverhampton Cyber Research Institute builds on the strength of its members in the area of network and communication security, artificial intelligence, big data and cyber physical systems.

HarfangLab

HarfangLab

HarfangLab develops a hunting software to boost detection and neutralization of cyberattacks against companies endpoints.

Prancer

Prancer

Prancer is the industry's first cloud-native, self-service SAAS platform for automated security validation and penetration testing in the cloud.

Buzz Cybersecurity

Buzz Cybersecurity

Buzz Cybersecurity systems and services are designed to proactively guard against common and uncommon cyber threats.