World Economic Forum: Improving Blockchain Cybersecurity Takes Leadership, Error Oversight
A recent report by the World Economic Forum disclosed information on the evolution of cyber hacking in the cryptocurrency world.
More importantly, bases covered included the steps users must take to ensure secure operations are taking place. Rather than compromise entire blockchains, the hackers most often focus on using blockchain deployment to initiate their attacks.
The reality is, hackers are getting very good at what they do. They are becoming more bold, capable of infiltrating high-level organizations like Sony and the United States Government.
Therefore, blockchain companies must establish a high level of security in order to protect themselves. Along with security, a designated cybersecurity leader is recommended to head the operations, taking the necessary means to keep a company safe from attackers.
As it is, security is more than just intricate tech setup, it requires sound leadership at the core. Unfortunately, according to a resent study by journalist Brian Krebs, out of the 100 largest corporations in the world, only 5% have a leader heading cybersecurity. This tells us that companies are not taking the threat of cyber hacking serious enough. These companies also likely see security as simple technical issues, obviously this is not true.
When Sony and the Government Office of Personnel Management were breached, the executives in charge probably didn’t consider security as a staple part of their responsibilities. The lack of leadership in the security sector caused both executives to resign based on serious breaches in security that happened within their respected company.
First and foremost, leadership must be established to improve a company’s chance at staying secure. Understanding secure design principles is also required by employees working in the security division of their company. The comprehension of the given principles will allow them to better serve the needs of the security leader designated for the job.
Remembering that weakened security and attacks is not only due to hackers, but also poor errors made by developers is essential as well. Oftentimes we see hacks performed by attackers who are not skilled, but instead discovered weakened spots within the developed security system and exploited them.
The above reason is why it is vital developers are trained in security for blockchain before given the full reign to develop a system or platform.
Training engineers in cryptography is important as is teaching them how to implement it with the basic secure design principles they are also trained in. Sticking to the basics is probably more important than the integration of new foreign and exotic measures, common mistakes are usually the reason hackers can succeed in an attack in the first place.
Hackers often exploit developer mistakes or the misconfiguration of a system, rather than compromising the entire blockchain. They take into consideration the difficulty of the hack, the likely effectiveness of the attack and what the result will be.
Profit for their investment of time and energy is usually considered as well. If a hacker sees a weak spot in the lock protecting the company, it doesn’t matter how well built the blockchain is, they will likely succeed at an attempted attack.
Lastly, it’s important to understand your attacker. You must know the threat level before it can be neutralized. An organization’s security force must also understand how to protect it from a given threat. Using under skilled talent will surely result in poor security against experienced cybercriminals. If a company takes the given factors listed into serious consideration, cutting no corners, they have a good chance at keeping safe during an attack.
Are there other measures which can be used to improve security? Leave your answers in the comment section below.