The SolarWinds hack affected some of the most prominent corporations in the world, including at least 10 of our most sensitive federal government networks.
We must ask ourselves what is required to have a secure system, and is there a better security system to defend and detect our data and identity from future cyber attacks?
Although blockchain is better understood for its data and value transfer functionality, network architects are awakening to how the implementation of a public blockchain infrastructure can provide the utmost level of cybersecurity to any system.
To guide network architects in their understanding of the blockchain as an information security framework, the following infographic compares the BSV blockchain with industry standards of information security.
The BSV blockchain as an enterprise cybersecurity framework
BSV as a security system
BSV proves to be a security system that’s effective and highly secure, covering all of the bases of the CIA Triad of Information Security: confidentiality, integrity, and availability of data.
By utilising BSV as cybersecurity infrastructure, its inherent transparency and auditability elevates network security to a new level.
BSV and the CIA triad of information security
Let’s apply the BSV blockchain to the CIA triad of information security:
- Confidentiality The BSV blockchain places a firewall between user identity and transactions. This provides inherent data privacy, while empowering users to maintain control over their identity.Data ownership is therefore distributed to each user instead of centralising data in the servers of a trusted third party. As a result, the cost to cyber-criminals is enormously increased, as they are required to individually attack millions of networks instead of targeting one ‘honey pot’ that exposes millions of customers’ information.
- Integrity The BSV blockchain utilises an algorithm that translates inputs into a ‘digital fingerprint’ as output. Because the slightest change to the input would change the output, anyone can verify the authenticity of the data. This level of data integrity is pivotal, not only for accounting practices, but any data-based applications where the rule of ‘rubbish in, rubbish out’ applies.
- Availability A secure system must always have information and data available without interruption. Because the BSV blockchain is a distributed network, the ledger can be accessed via any of the nodes regardless of outages in certain locations.
The BSV blockchain’s trustless model for resilience and security
The current model of information security relies on a Web of Trust environment where users rely on a certificate authority (CA) to enable secure data exchange.
For example, each time you visit a website, your browser checks to ensure that the site you are loading is really the site you were trying to access and not an alternate, malicious page that an attacker is trying to redirect you to. These certificates are typically issued by shockingly low-tech third parties who hold and maintain all the private and sensitive information required.
This represents a significant problem for the privacy and confidentiality of the users of these systems, as has been demonstrated when these companies are breached.
In the case of the BSV blockchain, the outage or compromise of a single node has no adverse effect on the network. On the contrary, the network’s consensus model flags any attempted data manipulation the moment a compromised node attempts to publish the update to the system.
How the BSV blockchain responds to an attack on the network
With the consensus mechanism in place, network nodes are incentivised to reject blocks that attempt to double spend or violate protocols governing the network. By incentivising nodes to fend off attackers, it would be more profitable for potential attackers to utilise their computing power to participate in the network honestly.
The 5 core functions of CSF and the sub-categories of the NIST framework
The CIA triad of information security is a valuable framework to apply to any network. A more granular framework is the National Institute of Standards and Technology’s (NIST) cybersecurity framework (CSF). NIST designed this framework as a template to provide guidance and standards for companies to protect their critical infrastructure through a risk-based approach.
Let’s apply the BSV network to the five core functions of CSF its subcategories of the NIST framework:
- Identifying assets and preventing risk with BSV
BSV’s publicly distributed ledger creates a single source of truth to track asset management activities through an audit-friendly ticker tape that can be authenticated and provably shown to exist. - Protecting critical Infrastructure with BSV
Once a solid asset inventory has been taken for each account, and each machine and/or employee has been issued a blockchain-based identity (that links network activity through an extremely low-cost BSV transaction), there will always be an immutable trail to follow.Tamper evident/resistant network activity logs, events and access control data can be recorded securely and privately on-chain. This prevents any alterations to the records, making discovering intrusions or inside attacks on a network much easier to detect and protect against.This brings us to an important difference between today’s legacy cybersecurity solutions and the next generation BSV-based cybersecurity framework. BSV’s protocol breaks the data silos when applied to the NIST CSF, meaning it can potentially provide a true ‘one pane of glass’ implementation, reducing the total cost of cybersecurity defence due to reduced hardware, software and managed service needs. - Detecting activities on a network with BSV
Since the chain is immutable or unchangeable, and all activity is recorded on-chain, it’s easy to see when someone tries to make alterations to a block. Attackers cannot delete activity logs, which makes it easy to spot the breach quickly and identify the nodes that were compromised. - Responding and Recovering from a security incident with BSV
Since the authenticity of data is easy to verify and the network distributes copies of the ledger between nodes, it’s easy to return to an authentic version of the ledger.
The BSV blockchain as an enterprise cybersecurity framework (eBook)
As you’re aware, it’s no longer a question of if your business network will be breached, it’s a question of when.
Therefore, cybersecurity is no longer about prevention alone, but rather detection at the earliest possible moment. Our latest eBook illustrates how the BSV blockchain meets and exceeds the critical requirements of information security with a newer, more resilient architecture. We invite you to download your free copy here.