Co-authored by: Karthik Thayumanasamy
According to a McKinsey survey, only 5% of large enterprises have matured capabilities in place for managing cyber security risks.
In the digital age, businesses are generating huge amounts of data. The data is sensitive and rapidly available, making companies vulnerable to threats. On the other hand, concerns over exposure to cyber-attacks are compelling organizations to delay the adoption of technologies such as Cloud, mobile, and IoT. Companies, therefore, face a continuous trade-off between investing in risk reduction strategies and keeping pace with business demands. Managers seldom realize that it is their restricted view of security that exposes their organizations to cyber-threats. Managers need to address threats more holistically and move away from traditional security measures. Blockchain technology offers all-encompassing solutions in this regard.
Blockchain technology is the result of years of cryptography and security research. In simple terms, Blockchain is a distributed public ledger that records all transactions having being carried out. It recognizes synergies between distributed communications and file sharing systems and combines with technology stacks to become fault tolerant, autonomous, and scalable. The powerful combination of Hashcash and smart contract offers a set of security tools which are distributed, peer-to-peer, cryptography-based, and often, open sourced.
Though Blockchain technology has revolutionized the world of financial services, its applications lie far and beyond. One can easily say that Blockchain’s most profound applications are in the field of cyber security.
How does Blockchain fight Cyber-Security Threats?
Preventing Data Manipulation:- The combination of hashing and cryptography with the decentralized structure lends blockchain its most powerful feature – immutability. It helps protect data integrity and identify any type of data tampering. Keyless Signature Structure (KSI) is a new technology developed by a company called, GuardTime, that replaces the Public Key Infrastructure (PKI). KSI adds authentication to the existing features of PKI.
Protecting Identities: - Publishing keys on Blockchain eliminates the risk pertaining to false key propagation and identity theft. Various projects are ongoing to eliminate the need for issuing certificates by central authorities. These advances have made Blockchain technology more robust in terms of authentication and elimination of any possibility of being a single point of failure.
Preventing Distributed Denial of Service Attacks: - Currently, the DNS system relies on caching. This was confirmed on 21st October 2016 when millions of users across the US were cut off from major websites. The decentralized nature of Blockchain offers a solution to this problem.
At the moment, the business sentiment is confused and divergent. A recent survey by Deloitte reveals a significant number of business leaders who feel the need to adopt the technology for fear of losing out, but most remain unsure of its potential. The survey also suggests that this feeling is primarily due to the lack of information available on it or the inability to understand the technology.
Like any new idea or technology, Blockchain is still in its nascent stage of adoption. In spite of the mixed feelings surrounding it, many industries have invested millions in Blockchain projects. With regards to cyber security, Blockchain should be a top priority for any industry handling data, and people interacting with data. With the maturity of the technology stack, Blockchain as the main guard against cyber threats will become far more seamless to adopt, and free of costs and resources.
How can HCL help?
HCL has extensive expertise in providing cyber security services in areas of Endpoint Security, Threat management, Identity management, and Security management. HCL’s deep-domain expertise in cyber security services covers the financial services as well as other sectors. It also architects POCs in key industries, providing hot buttons like international money transfer, asset tracking, and trade operations.