Are you on the bandwagon?
If I had a dollar for every time I heard that blockchain is the new solution for cybersecurity, I’d be an extremely rich man. Blockchain is a decentralized database of a growing list of records, called blocks. Each of these blocks contains a cryptographic hash of the previous block, with a timestamp and transaction data. Because of this, it is said that any involved record cannot be modified retroactively, without altering the subsequent blocks.
This technology is innovative to say the least; however, I am not ready to jump on the Cybersecurity Solution Bandwagon.
As I sat enjoying some Fourth of July festivities with my family, breathing in freedom and exhaling gratitude for our great country- I couldn’t help but jump on Google and search the news for cybercrime. I’m sure most of you were doing the same. After three decades of cybersecurity cases on the brain, it has shown true that cybercrime ramps up around the holidays or major life events.
Having a plethora of news stories to choose from, the one that jumped out at me was a recent data breach at the Maryland Department of Labor where 78,000 records were exfiltrated. The same cybersecurity jargon found in most data breach articles, was also used in this one. The writer states there was a “security flaw in the database,” and that “sensitive information was exposed as a result of a phishing email.” They also promised free credit monitoring for two years for anyone exposed. Lucky you. As I kept reading, it started to occur to me that this was more of a sales pitch for the use of blockchain technologies, rather than an information security tool. I’m not saying blockchain is not important, or that it does not have amazing practical uses, but let’s remember a couple of important points.
According to the Annual Cybercrime Report, backed by the Herjavec Group, editor-in-chief Steve Morgan predicts that cybercrime will cost the world $6 trillion by 2021, doubling since 2015. We are spending more and more money on technology to fight cybercrime every year- yet the profit margins for cybercrime continue to rise. This defies logic; as the more money spent on information security should lead to a decrease in the crime problem, and not the other way around.
Clearly, what we are doing is not working.
During my career with the FBI, a whopping 90% of the cybercrime cases I worked on could have been prevented. NINETY PERCENT. How? By you- the average smartphone user, baby-booming business owner, social media millennial, tech-savvy parent, or IT guru- being aware. This, along with well-defined financial business processes, plus the use of two-factor authentication on all remote accesses, is the quintessential model for prevention. The equation is as simple as this:
User awareness + Financial Business Process + 2FA = 90% Prevention Rate
Before we follow the herd on any new so-called cybersecurity solutions- let’s make sure we are washing our processes using excellent cyber-hygiene as our foundation. The greatest innovations in technology will continue to change the world as we know it, but it is still humans driving the show.
Where one can create, another can take away.
It may be only a matter of time until a genius hacker figures out how to slither into the blockchain, and crack it’s code. Where will your company be when this happens?