Tag Archives: Palo Alto

Cryptocurrency and the Digital Economy

Today I had the pleasure of attending a Chertoff Group Conference, #TCGSecuritySeries. I was fascinated with the cryptocurrency discussion led by Jason Cook – Managing Director of the Chertoff Group.  Panel members included Rich Baich, Executive Vice President & Chief Information Security Officer of Wells Fargo & Company;  Dave Jevans, Chief Executive Officer at CipherTrace; and Mance Harmon, Chief Executive Officer & Co-Founder of Swirlds.

Below are just a few tidbits from this thought-provoking discussion.

What’s the big deal about cryptocurrencies?
1. Cryptocurrencies fuel a multi-billion dollar economy
2. In one year, if all continues on course, the cryptocurrency economy will represent more than a trillion Dollars – which has more value than Canada’s GDP.
3. The vast majority of ransomware is powered by Bitcoin

What’s important to know in regards to cryptocurrencies and security trends?
1. The Darkweb is being used to sell your private data (credit cards).
2. There is now a whole class of crime called data extortion. This entails the theft of customer data and private information., which cybercriminals then threaten to make public unless they get paid a ransom.
3. One step organizations can take to address this threat is by developing a definition for an enterprise-grade consensus server for connecting organizations
4.From there, they need to implement that consensus server — a trust layer to go across the internet to connect the organizations and take advantage of improved security models.

A Few Surprising Facts about Blockchain:
1. Blockchain, a digital ledger in which transactions made in bitcoin or another cryptocurrency are recorded chronologically and publicly, has real potential from a currency perspective, but there is no real production Blockchain project underway
2. If anyone wants to bring these systems into the open and transact for value, security is going to be a massive concern.
3. If we move to blockchain, every bank will have to develop a security system that is just as secure as SWIFT (the current security solution used by banks to transfer money).  This will be a huge challenge for banks
4. Cryptocurrency is the killer app for blockchain technology. There are potentially thousands of others.

The Biggest Digital Economy Security Concerns
Distributed ledger technology is at the heart of the security concern because it’s the technology’s engine that acts like a database.  There may be multiple ledgers, and one or more may act as the master.  Copies are used for disaster recovery.  If you make the copies a master as well, you are writing to both simultaneously.  When you have a write conflict (two transactions come in simultaneously), then the community has to agree on the order to execute the transactions.  You can take a master out of one organization and give administration to a different party.  You can take all the masters and put them in control of many different organizations.  They can run each securely.

1. You should not be able to execute a DDOS attack against the network and bring it down.
2. You should not be able to change the actual order of transactions and no one should be prevented from transactions.
3. Protection of security encryption keys is also an issue.  If you have the encryption keys, you can effectively become the transacting party.

A Few Words of Security Advice
Going forward, organizations and the security community will need to:
1. Cultivate security education based on a deeper understanding of the threat
2. Implement regular “reality checks” of their security and compliance posture.
3. Thoroughly assess and prioritize risks and implement solutions and strategies for risk mitigation
4. Develop a government body for the crypto economy – possibly like the Federal Reserve Board for world governments.

Thanks to the Chertoff Group, and Secretary Chertoff, for inviting us to this very interesting event in Palo Alto, California.

By Susan Thomas

Enjoy your read? Check out our other content here.

Cybersecurity in the Boardroom

I had the pleasure of attending Chertoff Group’s Security Series in Palo Alto, CA. The crowd was made up of CISOs, VCs and high ranking officials in government agencies responsible for our country’s cybersecurity. The conversation in the industry has recently been turning toward the fact that cybersecurity is becoming a board level conversation. This is driven by the sophistication and widespread financial impact of ransomware attacks like WannaCry and Petya.  Below are a few pertinent questions discussed at the event that board members should ask as they strive to stay ahead of cyberattacks:

  • Have we prioritized our risk and do we know what’s acceptable and do we know what success looks like?
  • Do we have confidence that we can do the job?
  • Do we have a CEO-led cyber-conscious culture? Is there a linkage between our growth strategy and security?
  • Do we have the right financial incentives to ensure company buy-in?
  • Do we have a healthy appreciation for what we don’t know?

So how do you stay ahead of these threats?  For one, overall board members believe that media coverage is too technical and lacks a clear resolution to security challenges that the non-security experts can easily understand. The Chertoff Group conducted a survey of the top 500 public global enterprises and found that board members learn from sitting on other boards and talking to other CISOs.  “Everyone else” learns from the media and consultants, which makes their decision-making processes more reactive.  While this is a bit frightening, it’s also an opportunity for our clients.  We counsel our clients to move the conversation away from their whiz-bang technology features and more toward how they solve the real-world problems of their customers. It’s both an exciting and challenging time for our clients to help their customers save brand reputation and the negative economic impact of cybercrime.  We’re up for the task and will continue to help our clients focus their messages around influencing the C-suite while also demonstrating how their technology can have a positive business impact.

By Angela Griffo

Special thanks to the Chertoff Group for inviting us to be a part of this conference on security.

Enjoy your read? Check out our other content here.