Blockchain and Enterprise Security Standards
As the world of technology innovation evolves, the avant-garde concepts of blockchain applicability continue to multiply and mature. For blockchain solutions to become integrated with enterprise cyber security architectures, certain standards must be met. Like any quantum leap in science and technology, the value of blockchain is defined by the way it can be organized and applied. Looking into the past, the birth and adoption of the internet empowered businesses and individuals in a way that was never seen before. Some used the internet as a tool for success and others used the internet as the foundation for their businesses and operations. Similar relationships can be observed with blockchain as well. Interoperability and standards are paramount for the successful integration of blockchain into both modern and legacy systems. Ensuring a harmonious fusion of blockchain with current infrastructure components will hasten the process in which organizations can begin to leverage blockchain to bolster their cyber security defenses. For this integration, standards are imperative.
The Institute of Electrical and Electronics Engineers Standards Association (IEEE-SA) has started to lay the groundwork for achieving globally accepted blockchain standards. These critical moves set a framework in motion for widespread incorporation of blockchain into the technological and cyber security landscapes. Thus far, the IEEE-SA has active standard projects for:
Blockchain Use in the Internet of Things (IoT).
Standard Data Format for Blockchain Systems.
Standard for the Framework of Distributed Ledger Technology (DLT) Use in Agriculture.
Standard for the Framework of Distributed Ledger Technology (DLT) Use in Connected and Autonomous Vehicles (CAVs).
Guide for Interoperability of Transactive Energy Systems with Electric Power Infrastructure (Building the Enabling Network for Distributed Energy Resources).
One IEEE project, Blockchain Use in the Internet of Things (IoT), has the potential to lay the foundation for which technologies and organizations can begin to plan, develop, and map their IoT cyber security strategies to powerful blockchain standards. When common standards are developed, accepted, and integrated, the absolute power of blockchain cyber security aspects can be realized. With an industry at war in cyberspace, blockchain adoption just may be our Excalibur. The ultimate goals of achieving industry standards in blockchain will be to build around or build upon blockchain as cyber security mechanisms. Whether this signifies weaving blockchain powered platforms into current cyber defenses or building secure architectures atop blockchain networks, the sets of standards are crucial for making seamless changes. When organizations are choosing their next layer of cyber security defense mechanisms, the incorporation of blockchain components and infrastructures must not contain unsurmountable variables, but rather a transparent cohesion.
Let’s fast forward to the future. An organization is deciding on which enterprise email and team communication platform to implement. To ensure confidentiality and integrity of their corporate communications, the enterprise email and team communication application must integrate with a public blockchain network. With trusted industry standards, the organization can map their new email and communication application capabilities and technical specifications to that of the public blockchain of their choice. Ease of integration, ensuring compatibility, and most of all; enhancing security are dependent on defined blockchain standards.
Various cyber security consortiums exist for distinct reasons. Most of these consortia operate as catalysts for positive change and to push the cyber security industry to new heights. ISC², ISACA, ISSA, CIS, IEE, NIST, and many others are working diligently to create and promote standards to help organizations in breaking technological boundaries. The indefatigable persistence of cyber threat-actors has left the world in a state of hacker shock with many sentiments of inevitable defeat among organizations. Such consortiums are committed to developing standards that empower people to build secure architectures to protect their valuable data and at times, the lives and livelihoods of human beings. Many organizations follow cyber security regulatory standards, such as defined by NIST, PCI, HIPAA, and CIS. It is not only the role of such consortiums to develop standards, but to also challenge them when required. Consortiums will also contribute to important missions in the evolution and development of common blockchain principles. The formation and growth of blockchain and blockchain security consortiums will become cornerstones to the advancement and interoperability of the technology into real-world applications. These organizations spearhead the challenges of standardizing blockchain aspects, such as cryptography, distributed ledgers, smart contracts, and even the access mechanisms.
With such defined standards, the industry can then begin to map and unite the various private and public blockchain networks, essentially harnessing the power of many. With the vast differences in current blockchain architectures, the difficultly to find actionable common grounds are material concerns for enterprise organizations seeking blockchain powered security solutions. Some blockchain experts presume that while the back-end infrastructures can differ, the blockchain access layers must represent commonalities that enable networks to communicate and thrive. These blockchain access layers include Web3, SOAP, JSON RPC, Rest HTTP, and many other methods. However, the introduction of trusted standards may expedite the seamless integrations that enterprises desire. Soon, drones may require the ability to communicate with various public and private blockchains for delivering products. The same is true of the commercial rail and trucking industry as well. If individual blockchains are so unique that they create insurmountable boundaries, then services such as drone delivery may not be able to leverage the benefits of blockchain. The same can be projected for the integration of blockchain into the plethora of cyber security platforms, services, and organizations.
Bringing the power and security of blockchain to the world is all but inevitable. It is not a matter of if, but when. The when is precluded by how and how shall be set by standards. The answer to shifting the cyber security advantage from threat actors to defenders could depend on the materialization of standards and enterprises are growing eager for a roadmap.