How Secure is Blockchain? - On24

Jun 6, 2017 - Discuss the cloud and associated security aspects ... Microsoft cloud services have the largest ... Blockchain Specific Security Concerns.
1MB Sizes 2 Downloads 114 Views
How Secure is Blockchain? June 6th, 2017

Before we get started... • This is a 60 minute webcast • For better viewing experience, close all other applications

• For better sound quality, please use headphones • You can enlarge slides by clicking on the box in the upper right hand corner of the slides


A few reminders To download slides and marketing information, click on Resources Use the Q&A box on the upper left to ask questions during the webcast If you experience technical issues, click on the yellow question mark Help icon


Here with you today Grainne McNamara

Tim O’Donnell

Principal PwC

Managing Director PwC

Daragh Morrissey

A. Michael Smith

Worldwide Director for Blockchain Microsoft

Partner PwC

Michael Glaros Senior Program Manager Microsoft


Objectives 1

Overview blockchain and the opportunity it presents Discuss the cloud and associated security aspects




Examine the new complexities that blockchain implementation adds to the cloud environment


Review best practices for blockchain implementation

Evaluate what this technology means for risk assurance


Blockchain can enable profound business and operational transformation What is Blockchain? A blockchain is a decentralized ledger of all transactions in a network. Using blockchain technology, participants in the network can confirm transactions without the need for a trusted third party intermediary


Blockchain interest and adoption is growing…

Blockchain is moving out of the lab… …55% of Global FinTech Survey respondents are planning to adopt blockchain as part of a production system or process by 2018

77% of respondents are planning to adopt blockchain as part of a production system or process by 2020


…however, there are a number of hurdles to adoption

Blockchain Maturity

Customer Adoption

Security Concerns

Fragmented Field


Legal and Regulatory Compliance


Microsoft cloud services have the largest compliance portfolio in the industry


There are many layers to consider in a secure implementation


First build the foundation, then secure the pillars


Take into account blockchain specific security concerns in addition to traditional security concerns • • • •

Traditional Security Concerns

Blockchain Specific Security Concerns

Key Management Weak Cryptography Data Privacy and Confidentiality Vulnerabilities in Code

• Consensus Hijack • Sidechains • Distributed Denial of Service (DDoS) Attacks • Wallet Management • Scalability • Smart Contract Management • Interoperability • Governance Controls • Lack of Anti-fraud/Anti-money Laundering Capabilities


Assess the entire technology architecture of a blockchain initiative Technology Architecture

1 Services and Applications

2 Blockchain Platform

3 Technology Infrastructure

Security Challenges Services and Applications – Design and Implementation • API and code security • Malicious transactions (smart contracts, wallet management) • End-point / application vulnerabilities (fraud, identity management) • Vulnerability management and defences against malware

Blockchain Technology • Code flaws and bugs • Design risks (consensus hijack, interoperability, sidechains) • Distributed denial of service (DDoS) attacks • Governance and access management (in permissioned blockchains)

Development, Infrastructure, and Operations • Infrastructure and network securit