Business teams, as much as the IT team, play a critical role in cybersecurity by jointly defining a strategy that covers both the scope of protection and the action plan for a breach.
This means identifying the data that requires protection, such as personally identifiable information (PII) (e.g., SIN, TIN, passport number) and sensitive personal information (SPI) (e.g., unlisted phone number, total AUM, household income). Business teams need to recognize that data must be protected at rest, in use and in motion. To explain this further: a user enters data on a UI, and the UI validates it and stores it in a database for future use. This is "data at rest." If the data is later displayed on a UI or in a report to an authorized user, it is "data in use." Transmission from a stored database (e.g., reports, dashboards, APIs) to a user or system outside the secure network (sFTP, email) is "data in motion." For business teams, data is treasure. They need technologies like DaaS (Data-as-a-Service) or AaaS (Analytics-as-a-Service) to integrate this data and extract actionable insights. However, somewhere on the dark web there are hackers focused on sending in RaaS (Ransomware-as-a-Service) and MaaS (Malware-as-a-Service) to steal and/or damage that data. Keeping this in mind, business teams must value cybersecurity and give it the attention it deserves.
Using Blockchain as an example to demonstrate the role of the business in the cybersecurity strategy, let's consider whether Blockchain is the panacea for all cybersecurity problems.
The Blockchain is a distributed database in which data structures called blocks store information. The storage devices for the database are not all connected to a common processor. Each block contains a timestamp and a link to the previous block, hence the name Blockchain. The distributed Blockchain database works through several nodes, and each node verifies additions to the chain. A majority consensus is needed to authenticate a user and "authorize" access. A traditional centralized database like Oracle, SQL Server or MS Access stores data in tables. User access to the centralized server is through a single node, based on user authentication by an authorized party that maintains the database.
It is the database that cybercriminals want to penetrate, using malware (software designed to gain unauthorized access or to corrupt or affect data) or ransomware (software designed to prevent authorized access until a "ransom" is paid). A DDoS (distributed denial of service) attack finds a vulnerable entry point and then installs malware to gain unauthorized access. With access to the network, the DDoS master proceeds to infect several other computers in the network. With the malware distributed, a flood of incoming connection requests slows down or crashes the network, disabling legitimate user access.
In a traditional database, there is a single node that cybercriminals need to penetrate to initiate a DDoS attack or install malware. With Blockchain, several nodes need to be penetrated to gain majority consensus. With each block timestamped and digitally signed, the historic log is completely traceable and trackable. Being a distributed database, there isn't a central point of failure, which inherently makes Blockchain more cyber-friendly than traditional database systems.
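To make the two properties above concrete (each block links to the previous one, and additions are accepted only by majority consensus across nodes), here is a small added illustration written for this article; it is not code from the article or from any blockchain project. It assumes a simplified ledger: blocks are linked by SHA-256 hashes only, the digital signatures the article mentions are omitted, and "consensus" is modelled as a plain majority vote of nodes that each re-validate the chain. The transaction strings and timestamps are constructed sample data.

```python
import hashlib
import json
from dataclasses import dataclass

@dataclass
class Block:
    index: int
    timestamp: float
    data: dict
    prev_hash: str   # link to the previous block (the "chain")
    hash: str        # SHA-256 over this block's own contents

def compute_hash(index, timestamp, data, prev_hash):
    payload = json.dumps(
        {"index": index, "timestamp": timestamp, "data": data, "prev_hash": prev_hash},
        sort_keys=True)
    return hashlib.sha256(payload.encode()).hexdigest()

def make_genesis():
    data, prev = {"note": "genesis"}, "0" * 64
    return Block(0, 0.0, data, prev, compute_hash(0, 0.0, data, prev))

def new_block(prev, data, timestamp):
    """Build the next block on top of `prev` without mutating anything."""
    h = compute_hash(prev.index + 1, timestamp, data, prev.hash)
    return Block(prev.index + 1, timestamp, data, prev.hash, h)

def validate_chain(chain):
    """Return (ok, bad_index): recompute every hash and check every link."""
    for i, b in enumerate(chain):
        if b.hash != compute_hash(b.index, b.timestamp, b.data, b.prev_hash):
            return False, i
        if i > 0 and b.prev_hash != chain[i - 1].hash:
            return False, i
    return True, None

def majority_accepts(nodes, candidate):
    """Each node independently validates the candidate on top of its own copy."""
    votes = sum(1 for chain in nodes if validate_chain(chain + [candidate])[0])
    return votes > len(nodes) / 2

def copy_chain(chain):
    return [Block(b.index, b.timestamp, dict(b.data), b.prev_hash, b.hash) for b in chain]

def rewrite_history(chain, index, new_data):
    """Simulate one compromised node: edit a block and recompute all later hashes
    so that its own copy still looks internally consistent."""
    forged = copy_chain(chain)
    forged[index].data = new_data
    for i in range(index, len(forged)):
        if i > 0:
            forged[i].prev_hash = forged[i - 1].hash
        b = forged[i]
        b.hash = compute_hash(b.index, b.timestamp, b.data, b.prev_hash)
    return forged

def demo():
    # Constructed sample ledger with fixed timestamps (deterministic hashes).
    chain = [make_genesis()]
    chain.append(new_block(chain[-1], {"txn": "alice->bob 10"}, 1.0))
    chain.append(new_block(chain[-1], {"txn": "bob->carol 4"}, 2.0))

    # 1. Naive tampering: edit a block in place; the stored hash no longer matches.
    tampered = copy_chain(chain)
    tampered[1].data = {"txn": "alice->bob 1000"}

    # 2. A single node rewrites history consistently; its own copy validates,
    #    but the two honest nodes hold a different tip, so it is outvoted.
    forged = rewrite_history(chain, 1, {"txn": "alice->bob 1000"})
    nodes = [chain, chain, forged]
    cand_honest = new_block(chain[-1], {"txn": "carol->dave 1"}, 3.0)
    cand_forged = new_block(forged[-1], {"txn": "carol->dave 1"}, 3.0)

    return {
        "honest_valid": validate_chain(chain),
        "naive_tamper": validate_chain(tampered),
        "forged_self_valid": validate_chain(forged),
        "majority_honest": majority_accepts(nodes, cand_honest),
        "majority_forged": majority_accepts(nodes, cand_forged),
    }

if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The point the example makes for a business reader: an in-place edit is caught immediately by the hash link, and even a node that rewrites its whole history consistently cannot get its version accepted unless it controls a majority of nodes. That is exactly why the article's later observation matters: if a majority is compromised, the same mechanism will faithfully accept the attacker's history.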
So, we have a clear winner.
But we forgot that hackers continue to enhance their skills as well. Mathematically sound but decentralized, with no single authority, Blockchains can be a bigger risk than traditional databases. According to research by Carbon Black, 1.1 billion in cryptocurrency-related thefts over a six-month period was uncovered on the dark web. When a Blockchain is hijacked, it means there was majority consensus for the attack. Cybersecurity must encompass a business strategy that addresses communication, accountability and resolution when a breach occurs; this is where a public blockchain falls short because of the lack of accountability, i.e., "Who will reimburse the affected parties?" and "Who will investigate the history logs?"
JP Morgan rolled out its cryptocurrency on a privately regulated Blockchain accessible only to its trusted big institutional clients. Why did they restrict access to a trusted closed group? The answer is simple: cybersecurity. Accountability is key to building a cybersecurity strategy with the business, regardless of the database behind the data storage.