“In the cybersecurity industry, there’s always a new shiny ‘tech toy’ or novel approach around the corner, so it’s important to not be myopic that blockchain for cybersecurity will be akin to finding the cure for the common cold. As promising as blockchain may be, the industry is far from universal adoption,” warns Peter Tran, Vice President and Head of Global Cyber Defense & Security Strategy at Worldpay.
As cybersecurity experts around the globe prepare for next week’s all-important RSA Conference, where discussion topics will include the latest threats and developments in the security industry, Tran remains skeptical about blockchain technology as being the answer to the industry’s woes.
The Biggest Challenge for the Cybersecurity Industry
The cybersecurity industry is currently experiencing a lot of headaches – from a shortage of talent, to finding new ways of keeping up with whack-a-mole attacks from increasingly innovative hackers. As security technology advances, so does the sophistication of cybercriminals, and, in many cases, slow detection of attacks is what leads to the greatest devastation.
“By far the biggest challenge in cybersecurity today,” says Tran, “is the lack of visibility and early detection into cyber threats that are targeting and/or have established themselves within networks undetected for weeks, months, and often years before a breach occurs.” This undetected presence is called “dwell time,” and refers to the average time from which an assailant enters a network until he or she is detected.
Many hackers simply enter undetected and observe their surroundings, finding a way to obtain the information they want without anyone noticing. “You won’t ever know if you’re off course until the unthinkable happens,” says Tran.
In fact, according to a report by Ponemon, dwell times for malicious attacks average 229 days. In reality, they can be much longer. “That is why high-profile breaches have been catastrophic with unpredictable downstream consequences.” Think Equifax, Yahoo, eBay, or JP Morgan.
How Cybersecurity Professionals are Working to Combat these Problems
“Gone are the days,” says Tran, “of relying on perimeter-based or even endpoint security ‘blocking and tackling’ defenses… Build a higher firewall? The attacker will just use a longer ladder to get over or around it.”
Information security professionals are having to turn to more creative methods of stopping hackers in their tracks. Many professionals in the industry are adopting data science and the use of analytics to determine what good versus malicious behaviors within networks look like. One of the advantages of doing so is that it shows results in real time. “No one wants to wait for a fire alarm to alert you to a fire that’s already in a full blaze,” says Tran.
Artificial intelligence (AI) and machine learning (ML) are also becoming front runners in the cyber defender’s arsenal. With the rising sophistication and ingenuity of the types of attacks we’re seeing, non-traditional methods like AI can uncover malicious blind spots more efficiently than traditional security methods and tools can. “It’s the next generation of neural networks to make security decisions based on patterns and predictive forecasting much like how financial markets and data are analyzed,” Tran explains.
What about Blockchain for Cybersecurity?
While many cybersecurity experts are lauding the blockchain and the wonders of its decentralized nature as a cure for cyber threats, Tran isn’t jumping for joy just yet. After all, the technology is still very new, and new technology usually comes with teething trouble.
“Although blockchain research has been conducted over nearly the last decade, typically a technology won’t truly be put through its paces to expose any hidden flaws until it reaches a certain critical mass of adoption, and the industry just isn’t there yet today.”
Furthermore, the issue may not be with blockchain technology itself, but rather with the way in which it is executed. We know by now that blockchain is the most secure technology we have. But that doesn’t stop attacks from happening on secondary software, like wallets and exchanges. “Like any technology,” says Tran, “the devil is in the details of its execution. A poorly designed or applied technology, no matter how good it is, can fall short, particularly in security.”
Finally, there remains the very real issue of how economically viable replacing current security infrastructure with blockchain – and finding enough blockchain security experts to oversee it – will be.
It’s not all bad for blockchain and cybersecurity. Tran admits to having seen some effective use cases for the security industry, namely within authentication, identity and access control. REMME’s blockchain solution, for example, is built on blockchain’s decentralized design and successfully authenticates users and devices with multi-factor authentication. “Blockchain in this instance stands to eliminate the lowest hanging fruit for cyber attackers… crackable passwords.”
Just like the bearish and bullish crypto markets, blockchain technology has its advocates and those who have yet to be sold. But ultimately, any technology that could bring the number of cyber threats down to zero would be welcomed with open arms by all.