A multitude of industries and public institutions are increasingly using blockchain technology to share data, process deals, or handle financial transactions. While blockchains are considered tamper-proof, cybercriminals nevertheless repeatedly gain access to internal systems, corporate data, and financial flows.
In this interview, Samir Aliyev, CEO and Founder of the Swiss Cyber Institute, speaks with Janek Maiwald, Chief Technology Officer at DGC, a leading cybersecurity provider, about blockchain promises for cyber security and risk management, blockchain endpoints vulnerabilities, and some of the benefits of blockchain in the financial services industry.
SA: Dear Janek, we live in an era where high-profile security breaches seem to be common. Can you tell us where blockchain fits into this global security conversation?
JM: Decentralised blockchain infrastructure was not on the attack surface radar since the “ownership” could not be attributed to a single enterprise or individual. Driven by the wider adoption of the blockchain technology stack and application development, dedicated blockchain infrastructures have emerged and are operated by solution or service providers.
As the stored information within the blockchain infrastructure gained more and more value (intellectual and financial wise), those infrastructures became a target for cybercriminals.
As the blockchain technology itself is still considered secure, the attack angle shifted towards the underlying infrastructure components. The series of recent security incidents related to blockchain components showed, that we do need to carefully consider blockchain security as part of the global IT security discussion.
SA: Why is blockchain security promising for cyber security and risk management?
JM: Blockchain technology, in combination with Self Sovereign Identity, opens a promising new way of authenticating and managing profiles and information. Data doesn’t have to be stored centralized and can be managed individually yet goes hand in hand with full trust in the traceability of the data history and versioning.
Blockchain applications, especially when talking about Smart Contracts, have the unique feature of not being updateable but publicly accessible. This provides an opportunity to process data and their associated requests while being able to guarantee their authenticity and therefore provide the fundamental element of trust for whatever purpose the individual or enterprise might require.
SA: The vulnerability of blockchain endpoints is one important security concern in blockchain security. Can those endpoint vulnerabilities be prevented?
JM: Like with Web 2.0 cybersecurity – blockchain vulnerabilities must be identified, assets and systems protected, and threats detected. Blockchain technology brings significant changes to the architecture design of applications which needs to be taken into account when analyzing cyber security.
The underlying architecture of blockchain endpoints is like other infrastructure components, including the baseline software stack that is required to operate them. Those software components need to be verified in terms of known vulnerabilities or zero-day exploits in order to prevent compromised system components.
As the endpoints are crucial to operating blockchain technology-driven infrastructure, they need to be properly monitored and maintained as any similar mission-critical IT component.
Cybersecurity awareness did lack previously but gained much-required focus and dedication in the past months, which will lead to more secure and managed security when it comes to blockchain endpoints.
SA: On top of improved transparency and enhanced security, what are other real benefits of blockchain in the financial services industry?
JM: Blockchain brings the advantage of merging multiple financial services together in a trustless and publicly accessible environment which creates a self-growing DeFi ecosystem. Additionally, tokenization improves the cross-border and cross-platform transfer, exchange, and ownership of financial assets.
As blockchain technology provides a well-adapted framework for financial applications, which require a strong trust in data validity as well as security, the applications are practically limitless.
Furthermore, due to the decentralized idea of blockchain financial services, there are no geographical boundaries. Therefore, even emerging financial markets and micro-businesses can benefit from global solutions and participate with their capital and intellectual property.
SA: Thank you Janek for those insights, we are truly honored to have DGC as a Global Cyber Conference partner and look forward to hearing more about blockchain security in your panel session.
Janek Maiwald moderated the panel session “Blockchain security: shaping the future” on September 23 2022 at 2.30 pm. Featured panelists were Andra-Maria Maute, Web3 evangelist and Co-Director at Swiss Fintech Innovation, Stephan Erni, Partner at Bain & Company, and Julian Sauer, Software Engineer at DGC.