Blockchain Combines Innovation with Risk

Security professionals must consider the risks of blockchain as they innovate.

The U.K. government is currently considering options for its Land Registry department, the organization that guarantees titles to registered estates and interests. While digital currency usually steals the blockchain spotlight, land registry provides another interesting application, with pilot projects happening around the world. A blockchain-enabled solution would enable people to discover who owns a particular property, and ensure that the transfer of ownership does not occur without the authorization of interested parties, including a bank holding the property as security on a loan.

Gartner has seen a sharp rise in the number of enterprises promoting the use of blockchain.

Gartner has seen a sharp rise in the number of enterprises promoting the use of blockchain, says Jonathan Care, research director at Gartner. The foundational distributed ledger at the heart of blockchain allows for a wide variety of assets to be tracked, including ownership, identity assertions and proofs, encryption keys or device attributes.

The CIO Executive Communication Guide

Speak the language of the C-suite to communicate the business value of IT

Download eBook

However, blockchain is not without risks.

Marketing hype

The definition of blockchain and its potential applications are fluid. Outside of bitcoin, implementations vary in functionality and many proposed solutions have not yet emerged from the conceptual stage. Unfortunately, the evangelistic marketing hype that can accompany blockchain distracts from the actual potential use cases. Note that blockchain nears the Peak of Inflated Expectations on the Gartner Hype Cycle for Emerging Technologies, 2016.

Scalability

As devices, data, transactions and identities increase, so do the management and storage requirements of related artifacts. CISOs need a secure and scalable approach to ensure that they can succeed in coming years. Scalability is currently considered a risk; however, researchers are currently looking into options that would move away from traditional distributed consensus mechanisms toward scalable methods. This risk may actually become a benefit in the future.

Read More: The CIO’s Guide to Blockchain

Cyberattacks/fraud

A recent attack on the Distributed Autonomous Organization exploited the weaknesses in smart contracts and raised red flags about security. Bitcoin has relatively few vulnerabilities and is lauded for its resilient nature, but the burden of security has moved from the network to the endpoints that are writing to the blockchain. Vulnerabilities typically occur in operating systems, networking protocols and some security-related areas.

Difficult risk assessment

With the increasing range of blockchain offerings, it is difficult to construct a detailed threat model on which to perform a risk assessment. Blockchain is a complex technological system, and can lack the clarity of oversight and auditability that more traditional systems offer. As an additional complication, blockchain lacks common standards or regulations.

“Overall, blockchain is new and people don’t understand it; it is complex, and therefore accurately assessing risk and exposure is a challenge,” Mr. Care said. “In addition, this is exacerbated because there are currently no common standards or regulations.”

Gartner clients can learn more about recommendations for dealing with blockchain risk in Innovation Insight for Blockchain Security by Jonathan Care , et al. 

Get Smarter

Follow #Gartner

Attend a Gartner event

Explore Gartner Conferences

View Free, Relevant Gartner Research

Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.

Read Free Gartner Research

Webinars

Get actionable advice in 60 minutes from the world's most respected experts. Keep pace with the latest issues that impact business.

Start Watching