Don't compromise security when exploring blockchain initiatives, organisations warned
If you mention the word blockchain at an event or networking soiree, there will naturally be a frenzy of activity; how is your business going to be transformed by it? How much are you betting on it? But is this rush to take advantage of the newest, shiniest object neglecting security?
According to new figures from RSA, traditional security information and event management (SIEM) tools aren't going to cut it with identifying 'new normal' behaviours associated with blockchain - leaving organisations vulnerable to cyber attack.
Take blockchain platform EOS as an example. Back in May, Chinese internet security company Qihoo 360 disclosed what was described as an 'epic' vulnerability potentially enabling hackers to control all network nodes. As RSA explains, the fundamental tenets of security and trust which make blockchain technologies so enticing are shifting the goalposts for IT security teams.
"Security teams must quickly understand the new 'normal' in their IT environment to detect suspicious behaviour faster. But this can be an extremely arduous process using traditional, log-based SIEM tools," said Azeem Aleem, RSA global director for its worldwide advanced cyber defence practice. "Without proper configuration when feeding this new data into the SIEM, the result is often a flood of false positives that leave security analysts firefighting while hackers slip by in the confusion."
It is all aspects of the ecosystem which can be affected. Platforms themselves are disrupted - while last month cybersecurity firm Carbon Black said that more than $1.1bn of cryptocurrency had been stolen in the first half of 2018. As sister publication The Block put it, it 'emphasised the ease and lack of skill required to commit cybercrimes' in this area.
RSA argues that as blockchain is uncharted territory for security operation centres (SOCs), all bases need to be covered. Log data needs to be fed from the blockchain into the SIEM tool, therefore giving security teams over time enough data to detect anomalous patterns.
"Organisations must arm their SOC with the right tools to help detect and prioritise security events effectively," added Aleem. "User and entity behaviour analytics and advanced threat metrics can provide vital context.
"Ultimately, greater visibility and more advanced threat detection will help organisations to mitigate risk, while also enabling faster adoption of new technologies - everyone wins."
Interested in hearing industry leaders discuss subjects like this and sharing their use-cases? Attend the co-located IoT Tech Expo, Blockchain Expo, AI & Big Data Expo and Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam and explore the future of enterprise technology.
- » A bird’s eye view of enterprise security: From reaction to prevention
- » Why marketing security is the phrase every executive needs to understand in 2019
- » The cybersecurity angle: Why recent research and investment in quantum and IoT is key
- » European organisations looking to a machine learning future – but barriers remain
- » Why the missing link for enterprise digital transformation is Zero Trust Security