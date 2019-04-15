A major issue faced by users in the cybersecurity community is their inability to fully know which security vendors they can or cannot trust. Security vendors can make all the claims they want — regarding the performance, effectiveness, detection capabilities, and other promises about their security solutions — but at the end of the day, customers simply have to take their word for it. But that’s where blockchain can help. With blockchain technology, customers using cybersecurity services can verify that the web attacks being detected and blocked are in fact legitimate.

Going “trustless”

For security vendors, false positives are a major selling point. They are a defining factor that determines the accuracy rate and effectiveness of security solutions. False positives are legitimate requests the are mistakenly detected as malicious and subsequently blocked. Meanwhile, false negatives are malicious requests that are not detected or blocked but are perceived as legitimate.

The type of attacks, attack methods, file signatures, hashes, and any other proof that provides legitimacy of an attack can be made available on the blockchain. As mentioned, records that go on the blockchain are permanent and difficult to alter. Instead of taking the word of the security vendor, customers can refer to the blockchain to verify threat data, including false positives. Additionally, because the blockchain is powered by a user community, other third-party security experts and vendors can come to a consensus to verify that such attacks are indeed attacks.

Transparency for security vendors and their users

Blockchain makes data open/transparent in a way that has not existed in financial systems, which is why many argue that blockchain could be used as the new standard for transparency. How exactly is data made transparent on the blockchain? Network participants have the ability to access holdings and transactions of public addresses using a block explorer, used to search the blocks of a blockchain, their contents, and their relevant details.

In the case of cybersecurity this means decentralized threat data can be made accessible. While some may argue that in-depth analyses and reports provide sufficient confidence that the security solutions are performing as they’re supposed to, bias may come into play since these companies are paying for the analysis reports, certifications, and other acknowledgements in the first place. With blockchain, any bias can be eliminated, thanks to this transparency.

Foolproof detection for cybersecurity compliance

A second benefit is added trust for major players in countries with strict regulations (PCI-DSS compliance, EU’s GDPR law, HIPAA Security Rule for the healthcare industry, and others) and cybersecurity laws can benefit significantly if threat data is decentralized, or recorded on the blockchain. For some players, major fines may be imposed if the utmost security standards are not met.

Singapore, for example, has the Cybersecurity Act 2018, a high-stake bill that has the potential to implicate major sectors of the city-state, including the government, if its mandates are breached. Critical Information Infrastructure (CII) operators may face up to USD$100,000 or jail time of up to two years in the event of a breach. With blockchain, auditors can verify that these bodies are adhering to the clauses of the laws and filling the security requirements by tracing and verifying the attacks.

Transparency in cybersecurity

There’s no denying that blockchain is changing the way we look at cybersecurity. Transparency is just one of the many ways in which blockchain can benefit security vendors, regular end users, or even governments in the cybersecurity community. It’s not every day that we are presented with a technology that can guarantee the legitimacy of attacks and be made public at the same time.

With blockchain, security vendors can have concrete evidence to back up their claims of performance or effectiveness, and individuals will be able to refer to this information when choosing a cybersecurity solution. Please reach out to me on LinkedIn to continue the conversation.

From time to time, we invite industry thought leaders, academic experts and partners, to share their opinions and insights on current trends in blockchain to the Blockchain Pulse blog. While the opinions in these blog posts are their own, and do not necessarily reflect the views of IBM, this blog strives to welcome all points of view to the conversation.