Don't compromise security when exploring blockchain initiatives, organisations warned
If you mention the word blockchain at an event or networking soiree, there will naturally be a frenzy of activity: how is your business going to be transformed by it? How much are you betting on it? But is this rush to take advantage of the newest, shiniest object neglecting security?
According to new figures from RSA, traditional security information and event management (SIEM) tools aren't going to cut it when it comes to identifying the 'new normal' behaviours associated with blockchain - leaving organisations vulnerable to cyber attack.
Take blockchain platform EOS as an example. Back in May, Chinese internet security company Qihoo 360 disclosed what was described as an 'epic' vulnerability potentially enabling hackers to control all network nodes. As RSA explains, the fundamental tenets of security and trust which make blockchain technologies so enticing are shifting the goalposts for IT security teams.
"Security teams must quickly understand the new 'normal' in their IT environment to detect suspicious behaviour faster. But this can be an extremely arduous process using traditional, log-based SIEM tools," said Azeem Aleem, RSA global director for its worldwide advanced cyber defence practice. "Without proper configuration when feeding this new data into the SIEM, the result is often a flood of false positives that leave security analysts firefighting while hackers slip by in the confusion."
Every aspect of the ecosystem can be affected. Platforms themselves are disrupted - while last month cybersecurity firm Carbon Black said that more than $1.1bn of cryptocurrency had been stolen in the first half of 2018. As sister publication The Block put it, this 'emphasised the ease and lack of skill required to commit cybercrimes' in this area.
RSA argues that as blockchain is uncharted territory for security operation centres (SOCs), all bases need to be covered. Log data needs to be fed from the blockchain into the SIEM tool, giving security teams enough data over time to detect anomalous patterns.
"Organisations must arm their SOC with the right tools to help detect and prioritise security events effectively," added Aleem. "User and entity behaviour analytics and advanced threat metrics can provide vital context.
"Ultimately, greater visibility and more advanced threat detection will help organisations to mitigate risk, while also enabling faster adoption of new technologies - everyone wins."