The global Covid-19
pandemic has already left an indelible mark on humanity. Still tightening its
hold on large swathes of our world, the full social and economic toll has yet
to be understood.
As hundreds of millions of people were also forced to continue work and study while sheltering in place in their homes, most for the first time, the new normal has fueled a surge of cyber attacks.
In both the Middle East and North Africa region alone, Trend Micro reported close to 57 million cyber attacks in the first half of the year, of which MENA VIP Dr Moataz Ali states that “cybercriminals are ramping up their exploits of the weak points in organizations’ endpoints, network, and cloud — especially with COVID-19-related threats.”
The rest of the world hasn’t fared much better. 81 global firms from 81 different countries reported data breaches in the same reporting period, with 80% of firms surveyed seeing an increase in attacks just this year. Phishing attacks have jumped 500% since February, and the average ransomware demands rising 30% to over $111,000 in the first quarter of 2020 (Security Boulevard).
It hasn’t helped that 2019 data (Varonis) suggests that most companies still have poor cybersecurity practices in place that fail to protect data sufficiently, making them vulnerable to data loss. In the age of GDPR implementation, there is now also a financial cost via penalties attached to the risk, not just reputation when it comes to having customer data compromised.
Opportunity in crisis?
It’s clear that many businesses will have to adapt to a growing trend of increased remote access and online work, even after the pandemic blows over. But with cybersecurity threats on the rise, many companies will also have to consider safer, more secure means to conduct business online, particularly if they are dealing with sensitive customer data transmitted digitally.
From a security perspective, it is generally accepted that companies do not have a foolproof way to prevent every malicious attack on their systems. So the key here is to always try to stay a step ahead of the game, using new technologies and updated systems that plug known vulnerabilities and implementing good cybersecurity training and practices in the workplace to protect digital identities and personal data.
In considering various options to gain the upper hand in this cyber technology arms race, is it now time for companies to consider emerging tech like blockchain? After ten years in development, is blockchain mature enough to be integrated as part of a robust cybersecurity system?
Deloitte’s US Cyber Risk Lead Ed Powers said: “While still nascent, there is promising innovation in blockchain towards helping enterprises tackle immutable Cyber Risk challenges such as digital identities and maintaining data integrity.”
Why more companies could turn to blockchain for security
Blockchain is now recognized as an implementable system that can help secure data through sophisticated encryption methods and that can help prevent fraudulent actions via consensus mechanisms. A private or permissioned blockchain system could potentially combine underlying blockchain characteristics like immutability to prevent data manipulation, enhanced auditability through time-stamped ledger of transactions, and even operational resilience through the removal of a single point of failure.
In some cases, a blockchain integration might even result in easier user identification management. At AIKON, for example, we are using a single secure authentication service called ORE ID that lets users log on to integrated services in a passwordless manner, using just their email, phone, or even social media access. It’s a more familiar way for users to log in, which makes the experience more user-friendly, while actually giving them peace of mind when it comes to their personal data.
This is because, apart from leveraging blockchains to provide secure identity service to users on a blockchain-based infrastructure that separates data access, these features could be programmed to automatically ensure companies enforce privacy law compliance as needed.
Companies may choose to retain a level of access that can help them perform actions on behalf of their users, to promote ease of use. For example, with a degree of custodial control over the user’s accounts, companies can provide better user experiences such as automatically signing transactions, or even a way to recover lost keys and reset passwords. Alternatively, businesses can also enjoy the added advantage of empowering their customers with independent access — should the user choose to take over full control.
So if you’re a company considering upgrading your cybersecurity solution with protection of your users’ personal data in mind, you might want to consider migrating to a blockchain solution.
And blockchain-based secure authentication is much easier and more affordable than you think.
This article originally appeared on aikon.com
No comments:
Post a Comment