How transparency through blockchain helps the cybersecurity community
15 April 2019
4 min read


Blockchain technology is applicable to a wide range of industries, and the numerous use cases for it continue to grow by the day. The reasons for why companies, and even governments, are turning to blockchain for everyday business operations are many: faster transaction processing times, the elimination of a middle man, and others.

For the cybersecurity sector, blockchain technology is creating new opportunities that haven’t been envisioned before. With roots in cryptography and security, it makes sense that blockchain is introducing new ways to store information, make safe transactions, and enable trust — which is the main focus of this piece.

Properties of blockchain

The innate properties of blockchain are hard to emulate by any other type of technology currently out there, which is why it is often times revered as a revolutionary technology. When its properties of decentralization, immutability, transparency, and security are combined, a notion of “trustlessness” is created. That trust typically expected of vendors to sell their services is no longer required thanks to blockchain.

Blockchain is a decentralized technology, meaning it does not rely on a central point of control. Instead, it relies on consensus protocols across a network of nodes to confirm any transaction performed on the network. In this scenario, participants on the network all must agree unanimously to add a new block and must do it while ensuring its integrity.

Immutability is another important blockchain property. It refers to how data remains unchangeable once it’s been recorded and processed on the blockchain, meaning it’s also protected from any modifications or attacks. Why? Because the process to alter data on one block would require a lot of computational power. Each block also stores a hash of the preceding block creating a chain going back all the way to the first block created. Therefore, records are permanent and impossible to modify.

As such, this eliminates trust required by traditional centralized authorities and inherently makes the system more secure. Users can freely and safely interact in an ecosystem that doesn’t rely on a central authority to ensure the integrity of transactions. Any business can ensure that their information and their clients’ information will remain safely intact and out of the reach of hackers. The cybersecurity community, too, can benefit from the properties of blockchain.

The cybersecurity sector as a use case

A major issue faced by users in the cybersecurity community is their inability to fully know which security vendors they can or cannot trust. Security vendors can make all the claims they want — regarding the performance, effectiveness, detection capabilities, and other promises about their security solutions — but at the end of the day, customers simply have to take their word for it. But that’s where blockchain can help. With blockchain technology, customers using cybersecurity services can verify that the web attacks being detected and blocked are in fact legitimate.

Going “trustless”

For security vendors, false positives are a major selling point. They are a defining factor that determines the accuracy rate and effectiveness of security solutions. False positives are legitimate requests the are mistakenly detected as malicious and subsequently blocked. Meanwhile, false negatives are malicious requests that are not detected or blocked but are perceived as legitimate.

The type of attacks, attack methods, file signatures, hashes, and any other proof that provides legitimacy of an attack can be made available on the blockchain. As mentioned, records that go on the blockchain are permanent and difficult to alter. Instead of taking the word of the security vendor, customers can refer to the blockchain to verify threat data, including false positives. Additionally, because the blockchain is powered by a user community, other third-party security experts and vendors can come to a consensus to verify that such attacks are indeed attacks.

Transparency for security vendors and their users

Blockchain makes data open/transparent in a way that has not existed in financial systems, which is why many argue that blockchain could be used as the new standard for transparency. How exactly is data made transparent on the blockchain? Network participants have the ability to access holdings and transactions of public addresses using a block explorer, used to search the blocks of a blockchain, their contents, and their relevant details.

In the case of cybersecurity this means decentralized threat data can be made accessible. While some may argue that in-depth analyses and reports provide sufficient confidence that the security solutions are performing as they’re supposed to, bias may come into play since these companies are paying for the analysis reports, certifications, and other acknowledgements in the first place. With blockchain, any bias can be eliminated, thanks to this transparency.

Foolproof detection for cybersecurity compliance

A second benefit is added trust for major players in countries with strict regulations (PCI-DSS compliance, EU’s GDPR law, HIPAA Security Rule for the healthcare industry, and others) and cybersecurity laws can benefit significantly if threat data is decentralized, or recorded on the blockchain. For some players, major fines may be imposed if the utmost security standards are not met.

Singapore, for example, has the Cybersecurity Act 2018, a high-stake bill that has the potential to implicate major sectors of the city-state, including the government, if its mandates are breached. Critical Information Infrastructure (CII) operators may face up to USD$100,000 or jail time of up to two years in the event of a breach. With blockchain, auditors can verify that these bodies are adhering to the clauses of the laws and filling the security requirements by tracing and verifying the attacks.

Transparency in cybersecurity

There’s no denying that blockchain is changing the way we look at cybersecurity. Transparency is just one of the many ways in which blockchain can benefit security vendors, regular end users, or even governments in the cybersecurity community. It’s not every day that we are presented with a technology that can guarantee the legitimacy of attacks and be made public at the same time.

With blockchain, security vendors can have concrete evidence to back up their claims of performance or effectiveness, and individuals will be able to refer to this information when choosing a cybersecurity solution. Please reach out to me on LinkedIn to continue the conversation.

From time to time, we invite industry thought leaders, academic experts and partners, to share their opinions and insights on current trends in blockchain to the Blockchain Pulse blog. While the opinions in these blog posts are their own, and do not necessarily reflect the views of IBM, this blog strives to welcome all points of view to the conversation.

 
Author
TJ Jung TJ Jung