Blockchain continues to gain ground
Emerging Blockchain cryptographic technology gains ground every day, being one of the most widely used disruptive technologies not only by financial institutions for their transactions and cryptocurrencies, but also by other sectors such as the Digital Government and the industrial sector that have seen the enormous advantages that Blockchain offers them for the security of their processes.
Jesús Rodríguez, CEO REALSEC, answers the questions about Blockchain and other cybersecurity points in disruptive technologies, of the Cybersecurity special edition of Comunicaciones Hoy, Interempresas magazine.
- What is your vision of business cybersecurity state in this 2020 that is so uncertain and marked by the pandemic crisis?
Despite the current health and economic crisis we are going through and the uncertainty around it, cybersecurity remains a keypoint within any organization’s IT strategy because cybercriminals never cease their activity, which we can say, increases in these especially difficult times when the digital world makes us more vulnerable.
This pandemic has boosted the tele-working and the process of Digital Transformation. As a result, risk exposure to cybercrime and the need to protect us further has been triggered. So organizations are putting more value and allocating more resources to cybersecurity, known for its importance within their business strategy.
- Do you consider that companies and public administrations are adequately protected? Will they be more or less vulnerable by 2021?
Although more and more organizations are increasingly aware that cybersecurity is key to the effective protection and development of their business, there is still a percentage that needs to fine-tune this idea and work on proactively by protecting its critical assets and I believe that this trend will grow for next year and beyond.
Other organizations, although already have systems of custody and protection of their information, can always take a step further towards more robust cybersecurity measures, based on the use of cryptography and thus be able to reduce vulnerabilities, be stronger in the face of possible attacks, and minimize the risks of credential theft, information and data theft, or fraud incidents.
- Is the human factor still the weakest link?
In cybersecurity, the human factor remains the weakest link, since the start, hackers have exploited the weaknesses of non-protection or exposure of our information, keys or data to attack our workplace and in some cases, breach or attack the cybersecurity infrastructure of the organization in which we work or those people or organizations with which we relate.
Therefore, it is very important that users are well-informed and trained regarding the potential risks of cybersecurity and be demanding and disciplined in terms of risk prevention and the measures and solutions to be implemented in our work environment to avoid exposure to cybercriminals.
One of the most common risks is the impersonation of our identity in the digital operations and transactions we carry out with Banking; hence the need to implement two-factor authentication (2FA) solutions and measures that are aligned with the new PSD2 regulations, the implementation of which will be imminent in 2021.
In the near future, we will need triple-factor authentication (3FA) measures that will incorporate identification and authentication through biometric analysis.
Another risk that occurs frequently is the incorrect storage and custody of the private keys of digital certificates in an unsafe repository, such as the Windows container, instead of on a protected cryptographic device, such as a Hardware Security Module (HSM). This happens in cases where, at a corporate level, the user community uses different signing or encryption certificates , whose keys should be centrally stored and managed on a secure device that authorized users can access through secure authentication whenever they need to make use of their private keys and prevent them from being exposed to cybercriminals.
- What components cannot be missing from a cybersecurity solution that responds to the challenges of the 21st Century?
Hardware protection, more robust than software, and the flexibility and cutting edge of new technologies like Blockchain, Edge Computing, IoT…, are key aspects if we want to have truly trusted cybersecurity solutions.
It is critical that these solutions offer us proactivity in detecting potential incidents along with high availability, adaptability, scalability and traceability.
In addition, an effective cybersecurity solution must have the most proven international security certifications, being able to mitigate all risks and losses caused by cyberattacks within a certified environment.
Summing up, the robustness of a cybersecurity solution is a strategic thing in creating trusted environments oriented to Digital Transformation.
- How is cybersecurity benefiting from the use of technologies such as Blockchain and the Internet of Things?
It is rather, at this point, I would say that Blockchain technology and device environments connected through the Internet of Things (IoT) are, to a greater extent, benefiting from the advantages of cybersecurity for more secure, transparent and accessible data management processes.
Although Blockchain technology is based on blocks connected through a hash or digital signature based on cryptography, as I pointed out in the previous question, software encryption, easier to break by hackers, is not the same as the robust encryption offered by cryptographic hardware.
Regarding its features, the IoT device environment is used for the securization of both PKI or Public Key Infrastructure solutions, responsible for the issuance, revocation and/or validation of the digital certificate, base for private and secure communication between these smart devices; as well as Blockchain, which records, audits and authenticates each of the exchanges of information between these devices connected to the Internet of Things, emerging based on this technology a new concept called “Blockchain of Things”.
- What are the cybersecurity challenges regarding 5G?
When we hear 5 G, we usually relate it to telecommunications, but it should be noted that this new technology also acts as a dynamizer of connections and communications between the devices that make up the IoT scenario. This will result in an increase in such devices connected through the Internet of Things, whose faster data transfers will, in turn, lead to an increase in cyberattacks (for example, spam attacks will grow exponentially) along with the dedication of more resources to managing the privacy of this information.
Faced with this situation, strengthening proactive cybersecurity and detection is essential to be able to fully enjoy the advantages offered by this 5G technology and it is at this point, where numerous computer security experts recommend encryption through hardware security modules as it is the most robust and reliable alternative on the market.
A robust securization of these IoT device environments within 5G will be a solid foundation for when in the next phase, the WIFI 6 standard will be launched that will provide these environments like the Internet of Things with an even faster and more automatic connection and communication between devices, not forgetting about security.
- At what point is Blockchain technology located? How does it impact in cybersecurity?
Both improvement and implementation of Blockchain technology is in crescendo. According to Blockchain’s report, prepared by IDC under the sponsorship of REALSEC together with ICEX and AMETIC, in Spain the investment in Blockchain will grow, in a sustained way, around 54% until 2023.
The main architect of this growth will continue being the financial sector (Banking, Fintech and Methods of Payment) through its transactions and the use of cryptocurrencies.
But Blockchain will also gain ground in both the Public Administration, driving an ambitious Digital Government development plan; as in the industrial sector, where sectors such as telecommunications, energy, health, insurance, legal, logistics and food distribution, among others, have already joined the optimization of their technological processes with Blockchain through Smart Contracts, that allow actions such as requesting health appointments, traceability in the creation and distribution of a wine, contracts between two parties, notifications in the actions of the legal sector, etc.
The democratization of Blockchain, where no one in the transaction process is more protagonist than the other for its decentralization along with its traceability, immutability, integrity, privacy and confidentiality (data is not recorded in any database) and a greater commitment to the robustness of its encryption and the use of digital signature make Blockchain the most revolutionary and cybersecure disruptive technology at this time.
Already in 2018 from REALSEC through our whitepaper “Digital Encryption and Signature for Smart Organizations” we estimated exponential growth in the demand of HSM (cryptographic hardware) to strengthen the cybersecurity of Blockchain environments and IoT devices in line to the Innovation and Digital Transformation strategies of organizations.