Light Dark
June 14, 2018 By Douglas Bonderud 3 min read
Cloud Security
Data Protection
Identity & Access

Blockchain made headlines recently as the transaction infrastructure for bitcoin and other cryptocurrencies, but this shared ledger solution is now being reimagined as a way to bridge the enterprise security gap. In fact, 60 percent of companies have already implemented (or plan to implement) blockchain technology — with 28 percent actively testing solutions and 20 percent in the discovery and evaluation phase.

But many challenges remain, including scalability and privacy. There’s still more work to do before blockchain can effectively bridge the gap from potential benefit to security baseline.

A Perceptual Shift in Blockchain Technology

The use of blockchain technology as a cryptocurrency record-keeper makes sense. Adding “blocks” of data to a public ledger in sequence helps ensure that transactions are both visible and difficult to alter (since any modification of the original ledger results in widespread mismatches). It’s an ideal combination of user privacy and security oversight: While the identity of digital wallet holders is obfuscated, transaction records are a matter of public record.

As cryptocurrency markets have cooled and (somewhat) stabilized, however, interest in blockchain as a security technology has swelled.

“While still nascent, there is promising innovation in blockchain towards helping enterprises tackle immutable cyber-risk challenges, such as digital identities and maintaining data integrity,” Ed Powers, cyber risk lead at Deloitte U.S., noted in a 2017 report.

Blockchain was also a high-profile topic at the 2018 RSA Conference in April: While some attendees argued for blockchain technology as the solution to General Data Protection Regulation (GDPR) compliance, others worried about issues like viability at scale, data integrity and provenance.

No matter the outlook, it’s clear that blockchain is undergoing a shift as enterprises look for ways to shore up cybersecurity in a market dominated by distributed cloud networks, limited visibility and huge potential consequences.

A Dearth of Blockchain Expertise

So, what’s the potential for blockchain? Demand for blockchain talent recently skyrocketed as companies look for engineers with the skills to develop new applications and services that leverage this technology, according to TechCrunch. There’s already more than $3.7 billion in initial coin offering (ICO) funding waiting for talented developers — and 14 openings for every experienced candidate.

Of course, experience is part of the problem: Blockchain simply hasn’t been around long enough for IT professionals to amass significant working knowledge. Despite supply constraints, however, demand isn’t slowing down. In fact, TechCrunch also reported on a 700 percent increase in companies looking for blockchain engineering talent since January 2017.

Some companies are leveraging blockchain itself to create new cybersecurity marketplaces where motivated white- and black-hat hackers can design antimalware tools for profit. Think of it as a way to bridge the growing cybersecurity skills gap: These hubs enable security professionals to develop antimalware tools or connect with businesses in need of security expertise. Instead of the traditional hiring and vetting process, everything is conducted via blockchain-based secure contracts. Upon completion of successful projects, security experts are paid in cryptocurrency.

More traditional use cases for blockchain leverage its inherent audit capabilities. Since all transactions added to public and private blockchains are signed and time-stamped, enterprises can quickly track down specific events or users of interest. Also, new transactions fundamentally alter the state of the blockchain ledger: Previous iterations are stored, providing companies with a complete history log that both limits the chance of data tampering and ensures all IT actions are auditable as required by emerging compliance regulations.

Build a Better Blockchain, One Link at a Time

Despite enterprise advancement in the area of blockchain, however, there’s still room for improvement. For example, there are limited enterprise use cases for this technology, since very few apps use (or benefit from) the addition of blockchain. While this will change as the market evolves, current use cases are few and far between.

In addition, while traceability is an inherent property of blockchain, data quality is not. The Deloitte report noted that “blockchain technology does not guarantee or improve data quality.” Enterprises remain responsible for ensuring the accuracy and reliability of their data before it becomes part of a shared chain ledger.

Finally, The Wall Street Journal reported that while blockchain excels at data security and trust, it may struggle with privacy. Consider the GDPR: Key components of this legislation are the right to be forgotten and the power of citizens of the European Union (EU) to request access to stored personal data from organizations at any time. The nature of blockchain, however, prohibits this kind of data grab and removal, meaning multiple blockchains might be required to comply with GDPR legislation.

The problem is that the unbroken nature of blockchain is its biggest strength — fragmenting chains reduces total security efficacy.

Enterprises are understandably interested in blockchain’s inherent benefits, such as shared ledgers and natural auditability. Alone, however, blockchain is not the missing link to cloud security. This technology must be paired with apps and services that ensure accurate data entry and reliable sourcing and can address emerging privacy issues. When it comes to enterprise security applications, blockchain holds significant promise but remains developmentally adolescent.

 |  |  |  |  |  |  | 
Douglas Bonderud
Freelance Writer

More from Cloud Security
November 1, 2023

What is data security posture management?

3 min read - Do you know where all your organization’s data resides across your hybrid cloud environment? Is it appropriately protected? How sure are you? 30%? 50%? It may not be enough. The Cost of a Data Breach Report 2023 revealed that 82% of breaches involved data in the cloud, and 39% of breached data was stored across multiple types of environments. If you have any doubt, your enterprise should consider acquiring a data security posture management (DSPM) solution. With the global average…

October 19, 2023

Endpoint security in the cloud: What you need to know

9 min read - Cloud security is a buzzword in the world of technology these days — but not without good reason. Endpoint security is now one of the major concerns for businesses across the world. With ever-increasing incidents of data thefts and security breaches, it has become essential for companies to use efficient endpoint security for all their endpoints to prevent any loss of data. Security breaches can lead to billions of dollars worth of loss, not to mention the negative press in…

October 3, 2023

The importance of Infrastructure as Code (IaC) when Securing cloud environments

4 min read - According to the 2023 Thales Data Threat Report, 55% of organizations experiencing a data breach have reported “human error” as the primary cause. This is further compounded by organizations now facing attacks from increasingly sophisticated cyber criminals with a wide range of automated tools. As organizations move more of their operations to the cloud, they must also become increasingly aware of the security risks and threats that come with it. It’s not enough anymore to simply have a set of…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature