Unlocking the Potential of the Cloud for IBM Power Systems
Fintech & blockchain technology 06.12.2021
1. F I N T E C H & B L O C K C H A I N
T E C H N O L O G Y
CRYPTOCURRENCY
1
2. W H AT I S B L O C K C H A I N T E C H N O L O G Y ?
• Blockchain is a system of recording information in a method that makes it
difficult or impossible to change, hack, or cheat the system. A blockchain is
essentially a digital ledger of transactions that is duplicated and distributed
across the entire network of computer systems on the blockchain.
• Blockchain technology is a structure that stores transactional records, also
known as the block, of public transaction in several databases, known as the
chain, in a network connected through peer-to-peer nodes. This storage is
typically referred to as a digital ledger.
2
3. B E S T P R A C T I C E S O F B L O C K C H A I N
T E C H N O L O G Y
• Use permissioned blockchain for private data
• Privacy to protect individual rights
• Create a governance structure for blockchain
• Understand and analyse blockchain cases early
• Decide scalability and performance requirements
• Secure the technology by never storing large files on the blockchain
3
4. B E S T P R A C T I C E S O F B L O C K C H A I N
T E C H N O L O G Y
4
5. W H AT I S C R Y P T O C U R R E N C Y ?
• A cryptocurrency is a digital or virtual currency that is secured by cryptography,
which makes it nearly impossible to counterfeit or double-spend. A
cryptocurrency is a medium of exchange that is digital, encrypted and
decentralized. Unlike the U.S. Dollar or the Euro, there is no central authority
that manages and maintains the value of a cryptocurrency.
• TYPES OF CRYPTOCURRENCY (MAJOR)
• Bitcoin
• Litecoin
• Ethereum
• Dogecoin
5
6. B E S T P R A C T I C E S O F C R Y P T O C U R R E N C Y
(1) Do not self-custody keys.
(2) Spread assets across more than one digital wallet.
(3) Use cold wallets and hot wallets.
(4) Implement policies to reduce risk.
(5) Hire specialty vendor to help protect assets.
(6) Conduct due diligence on cyber security.
(7) Ensure vendors provide indemnity.
(8) Know current regulations that apply to you and your vendors.
(9) Ensure appropriate governance at the board level.
(10) Consult with a specialized insurance broker.
6
7. C R Y P R O C U R R E N C Y S E C U R I T Y
B R E A C H E S
• The following cryptocurrency exchange providers were hit with massive
breaches that left their exchanges in shambles:
Year Exchang
e
Type of Breach Breach Value
(Cryptocurrency)
Breach Value
($)
2014 MtGox Hacking/IT Incident 850,000 BTC $700 Million
2018 Coincheck Theft/Unauthorized
access to private keys
523 Million NEM $534.8 Million
2013 Silk Road Hacking/Vulnerability/
Sensitive information /
Spamming
171,955 BTC $270 Million
2018 Bitgrail Theft/ Software breach 17 Million NANO $195 Million
2016 Bitfinex Private key breach 120,000 BTC $72 Million
7
8. W H AT I S F I N T E C H ?
• FinTech, the abbreviation for Financial Technology, is a broad category that
refers to the innovative use of technology in the design and delivery of financial
services and products. The application of fintech cuts across multiple business
segments, including lending, advice, investment management and payments.
• Start-ups and traditional finance companies are active in fintech. Examples of
fintech companies include TransferWise, Lendo and Ripple.
8
9. B E S T P R A C T I C E S O F F I N T E C H
• Keep abreast of digital-only banking.
• Develop an anti-money laundering (AML) policy.
• Consumer awareness.
• Know your customer (KYC) compliance.
• Look to the future- continuously evolving.
• The goals of PCI DSS and Fintech involves: Building and maintaining a secure
network, Protecting cardholder data, Maintaining a vulnerability management
program, Implementing strong access control measures, Regularly monitor and
test networks, Maintain an information security policy.
9
10. S E C U R I T Y C H A L L E N G E S / B R E A C H E S O F
F I N T E C H
• The main security breaches of Fintechs are:
• Application related cyber security vulnerabilities
• System complexity
• Extensive cloud migration
• Third party involvement
• Compliance failures
• Extensive use of mobile platforms and IoT devices
• Black Hats gain access to application and accounts cause by human error
• Managing Digital Identities
• Data Privacy
• Convenience at the cost of Security
10
11. T O P 5 F I N T E C H D O M I N AT I N G C R Y P T O
• 1. Square
• 2. Paysafe
• 3. eToro
• 4. PayPal
• 5. Nexo
11
12. M I T I G AT I N G S T R AT E G I E S
• No information system can be 100% secure. Blockchains underlying capabilities of
Confidentiality, Integrity and Availability employ cyber security controls and standards
which need to be adopted for organizations using blockchains within their technical
infrastructure.
• Organizations can adopt a holistic approach of People, Process and technology as a
triad in implementing these strategies in combating cyber attacks.
• Another approach developed by a consulting firm is the Secure, Vigilant and Resilient
(SVR) cyber approach which will support entities to remain secure and resilient to
evolving to cyber threats.
• Secure: Having risk-prioritized controls to defend emerging threats.
• Vigilant: Having threat intelligence and situational awareness to identify harmful
behaviour.
• Resilient: Having the ability to recover from and minimize the impact of cyber
incidents. 12
13. S E C U R I T Y B R E A C H E S , B E S T
P R A C T I C E S , A N D S E R V I C E O U TA G E S
• The most common security breach of major trading exchanges include:
• Infections of zero-day and keyloggers by the cybercriminals.
• Management of electronic wallets requires the understanding of strong crypto,
strong password management, knowledge of multi-factor authentication, and
good computer hygiene.
• In 2018, the largest crypto security breach reported to date was one involving a
Japanese exchange.
• In 2013, a Polish trading site, Bidextreme.pl, reported a loss of 2300 BTC
• Since 2011, a total of $7.8Billion worth of cryptocurrency has been pilfered
through security breaches amounting to $3 Billion and another $4.8Billion
through scams.
13
14. S O U R C E S
• us-blockchain-and-cyber-security-lets-discuss.pdf
• Financial technology – Wikipedia
• Cryptocurrency – Wikipedia
• Top 5 Security Breaches of Cryptocurrency Exchange Providers | by Dr. Heinz
Doofenshmirtz | Geek Culture | Apr, 2021 | Medium
• Data breaches, security and cryptocurrency: What you need to know - Diligent
– Australia
• 5 things you need to know about fintech | World Economic Forum
(weforum.org)
• Top 10 Cyber Security Challenges for Fintechs - DevSlate Group
• Polish Bitcoin Exchange Bidextreme.pl Hacked, Bitcoin Wallets Emptied
(coindesk.com)
14