Could You Boost Your Cybersecurity With Blockchain?

Posted on : 28-11-2017 | By : Tom Loxley | In : Blockchain, Cloud, compliance, Cyber Security, Data, data security, DLT, GDPR, Innovation

Tags: , , , , , , , , , , , , , , ,

0

Securing your data, the smart way

 

The implications of Blockchain technology are being felt across many industries, in fact, the disruptive effect it’s having on Financial Services is changing the fundamental ways we bank and trade. Its presence is also impacting Defense, Business Services, Logistics, Retail, you name it the applications are endless, although not all blockchain applications are practical or worth pursuing. Like all things which have genuine potential and value, they are accompanied by the buzz words, trends and fads that also undermine them as many try to jump on the bandwagon and cash in on the hype.

However, one area where tangible progress is being made and where blockchain technology can add real value is in the domain of cybersecurity and in particular data security.

Your personal information and data are valuable and therefore worth stealing and worth protecting and many criminals are working hard to exploit this. In the late 90’s the data collection began to ramp up with the popularity of the internet and now the hoarding of our personal, and professional data has reached fever pitch. We live in the age of information and information is power. It directly translates to value in the digital world.

However, some organisations both public sector and private sector alike have dealt with our information in such a flippant and negligent way that they don’t even know what they hold, how much they have, where or how they have it stored.

Lists of our information are emailed to multiple people on spreadsheets, downloaded and saved on to desktops, copied, chopped, pasted, formatted into different document types and then uploaded on to cloud storage systems then duplicated in CRM’s (customer relationship management systems) and so on…are you lost yet? Well so is your information.

This negligence doesn’t happen with any malice or negative intent but simply through a lack awareness and a lack process or procedure around data governance (or a failure to implement what process and procedure do exist).

Human nature dictates we take the easiest route, combine this with deadlines needing to be met and a reluctance to delete anything in case we may need it later at some point and we end up with information being continually copied and replicated and stored in every nook and cranny of hard drives, networks and clouds until we don’t know what is where anymore. As is this wasn’t bad enough this makes it nearly impossible to secure this information.

In fact, for most, it’s just easier to buy more space in your cloud or buy a bigger hard drive than it is to maintain a clean, data-efficient network.

Big budgets aren’t the key to securing data either. Equifax is still hurting from an immense cybersecurity breach earlier this year. During the breach, cybercriminals accessed the personal data of approximately 143 million U.S. Equifax consumers. Equifax isn’t the only one, if I were able to list all the serious data breaches over the last year or two you’d end up both scarred by and bored with the sheer amount. The sheer scale of numbers here makes this hard to comprehend, the amounts of money criminals have ransomed out of companies and individuals, the amount of data stolen, or even the numbers of companies who’ve been breached, the numbers are huge and growing.

So it’s no surprise that anything in the tech world that can vastly aid cybersecurity and in particular securing information is going to be in pretty high demand.

Enter blockchain technology

 

The beauty of a blockchain is that it kills two birds with one stone, controlled security and order.

Blockchains provide immense benefits when it comes to securing our data (the blockchain technology that underpins the cryptocurrency Bitcoin has never been breached since its inception over 8 years ago).

Blockchains store their data on an immutable record, that means once the data is stored where it’s not going anywhere. Each block (or piece of information) is cryptographically chained to the next block in a chronological order. Multiple copies of the blockchain are distributed across a number of computers (or nodes) if an attempted change is made anywhere on the blockchain all the nodes become are aware of it.

For a new block of data to be added, there must be a consensus amongst the other nodes (on a private blockchain the number of nodes is up to you). This means that once information is stored on the blockchain, in order to change or steel it you would have to reverse engineer near unbreakable cryptography (perhaps hundreds of times depending on how many other blocks of information were stored after it), then do that on every other node that holds a copy of the blockchain.

That means that when you store information on a blockchain it is all transparently monitored and recorded. Another benefit to using blockchains for data security is that because private blockchains are permissioned, therefore accountability and responsibly are enforced by definition and in my experience when people become accountable for what they do they tend to care a lot more about how they do it.

One company that has taken the initiative in this space is Gospel Technology. Gospel Technology has taken the security of data a step further than simply storing information on a blockchain, they have added another clever layer of security that further enables the safe transfer of information to those who do not have access to the blockchain. This makes it perfect for dealing with third parties or those within organisations who don’t hold permissioned access to the blockchain but need certain files.

One of the issues with blockchains is the user interface. It’s not always pretty or intuitive but Gospel has also taken care of this with a simple and elegant platform that makes data security easy for the end user.  The company describes their product Gospel® as an enterprise-grade security platform, underpinned by blockchain, that enables data to be accessed and tracked with absolute trust and security.

The applications for Gospel are many and it seems that in the current environment this kind of solution is a growing requirement for organisations across many industries, especially with the new regulatory implications of GDPR coming to the fore and the financial penalties for breaching it.

From our point of view as a consultancy in the Cyber Security space, we see the genuine concern and need for clarity, understanding and assurance for our clients and the organisations that we speak to on a daily basis. The realisation that data and cyber security is now something that can’t be taken lighted has begun to hit home. The issue for most businesses is that there are so many solutions out there it’s hard to know what to choose and so many threats, that trying to stay on top of it without a dedicated staff is nearly impossible. However, the good news is that there are good quality solutions out there and with a little effort and guidance and a considered approach to your organisation’s security you can turn back the tide on data security and protect your organisation well.

Ripple Makes Waves

Posted on : 27-10-2017 | By : Tom Loxley | In : Bitcoin, Blockchain, Crytpocurrency, DLT, Finance, FinTech, Innovation

0

The big banks seem to have stopped resisting and begun embracing blockchain technology…well, at least when it comes to embedding the technology into their payments and transactions. Some time ago now Ripple (the digital currency and distributed payment network) pitched its tent on the Swift network’s front lawn and has been an increasingly irritating thorn in the payments provider’s side. (Description of Ripple provided by coindesk.com.)

It seems that Swift can no longer deny the clear advantages of blockchain technology, or perhaps in a savvy move, Swift has let Ripple do the hard work when it comes to the risk and testing involved in new employing a new leading-edge technology. But it’s more than just a new piece of code or tech that Ripple and the other big cryptocurrencies have brought to the financial services (FS) arena. It’s more like a paradigm shift.

For years the financial institutions have been upgrading software and bolting on workarounds to try and keep up with new demands and ever-evolving marketplace. This has resulted in a metaphoric Frankenstein of IT stacks and ageing and outdated technology. Some of the bigger institutions still have to wheel in the experts from the 80’s to deal with their issues because the tech is so old the IT workforce of today just don’t get exposed to it. Talk about choke points or single points of failure.

Big names from the FS industry have come out swinging against the cryptocurrencies boom with the likes of Jamie Dimon of JPMorgan and Larry Fink of Blackrock voicing their issues with Bitcoin. Now I’m not a diehard fan of cryptocurrencies, and I see the obvious concern with what appears to be the massive bubble that is Bitcoin and some of the other more expensive digital currencies, but there is part of me that hails them for the disruptive kick up the backside they seem to have given the FS industry.

Whatever you may personally think about Bitcoin and the early cryptocurrencies, their presence has created choice, a new way to transact value with some real benefits (transparency, security, more autonomy/control, speed, and lower costs) using blockchain technology, or Distributed Ledger Technology (DLT) as it is becoming more widely known as in the FS circles. (As if renaming it and slightly tweaking the definition has somehow distanced them from admitting there is real value in something that was widely scoffed initially.)

By popularising blockchain technology, cryptocurrencies have forced the FS industry to take a serious look at their technology and this (in my opinion) seems to have busted the door open to other new FinTech ideas. In fact, it now seems that the bigger institutions are clawing to be the first in the FinTech race and woe betide the Innovation Executive who is responsible for passing on the next bit of groundbreaking software, especially if the competition picks it up. Innovation is the new name of the game.

Ripple has continued its assault on the Swift network by boasting that its distributed financial technology can help banks cut the time and cost of clearing transactions and at the same time allowing new types of high-volume, low-value global transactions. Ripple also hosted their conference called “Swell: The Future Is Here” over the same period in October and only a few miles away from Swift’s Sibos event. They came out guns blazing with Ben Bernanke and Tim Berners-Lee headlining at their event and have made it clear the time and location of the event was not a coincidence.

Ripples tenacity seems to be paying off with over a 100 banks and FS organisations signing up to its network. Swift is hitting back with the 3rd phase of its global payment initiative (SWIFT gpi) focussing on DLT. Many of the larger banks have joined forces with Swift to explore the DLT Proof of Concept reporting initial success.

Swift is not the only large FS organisation exploring in this space. Indeed, despite Jamie Dimon’s opinion of Bitcoin, apparently he’s not opposed to the underlying technology. JPMorgan has used the Ethereum blockchain protocol as a base for Quorum, a DLT platform designed to support any application requiring high speed and high throughput processing of private transactions within a permissioned group of known participants.

Many other FS organisations are also exploring privately and collectively in consortiums to win the race and harness the power of the blockchain.

The irony here is that while we’re all caught up in this whirlwind of disruption to the FS industry, at the end of it all what is the real impact a year or so down the line? Kelly, the insurance broker from Doncaster, South Yorkshire makes the deposit payment on her new 4 bedroom semi-detached and says…hmmm…that was quicker than I remember a few years ago… and then gets on with her day. Or am I just being cynical?