Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Cybersecurity Aspects of
Blockchain and
Cryptocurrency
About Me
Tony Martin-Vegue
@tdmv
• 20 years in Technology; last 10 in Cyber Risk
• FAIR practitioner for about 7 years now...
Book chapter…
“Cyber Risk
Quantification of
Financial
Technology”
Paradigms
Emerging
Risks
From the “Today Show,” 1994
“What is Internet, Anyway?”
Paradigm Shifts
Users
Databases
Resources
Traditional Defense-In-
Depth
UsersDatabases
Resources New Normal
There is no cloud.
Just someone else’s
computer
…blockchain is just someone
else’s database.
Traditional Defense-In-Depth Beyond the Hard Perimeter
• Clear perimeter
• Policy enforcement points
• Company-controlled
...
Emerging
Risks
The Strange Case
of Mt. Gox
(or, how forgetting
the fundamentals
can really hurt)
“The One Patch
Most Needed in
Cybersecurity”
Cybersecurity aspects of blockchain and cryptocurrency
Cybersecurity aspects of blockchain and cryptocurrency
Upcoming SlideShare
Loading in …5
×

Cybersecurity aspects of blockchain and cryptocurrency

88 views

Published on

Slides from Tony Martin-Vegue's presentation at PRMIA 2018 Risk Management and Regulatory Compliance Round Table in San Francisco, CA | April 11, 2018

"Cybersecurity Aspects of Blockchain and Cryptocurrency"

Abstract:
Many companies are considering blockchain technologies to make transactions faster, more secure and cost effective. If you are performing risk analysis on these emerging technologies, you ask be asking yourself: how do I even start to analyze risk when there are so many unknowns? A successful analysis requires a paradigm shift in thinking into two areas: casting aside the defense-in-depth metaphor to describe security controls; and, how we assess and analyze risk of new and emerging technologies that have a high degree of uncertainty.

This talk will cover how to reframe your assessments for emerging technologies, such as blockchain, and how risk quantification methodologies such as Factor Analysis of Information Risk (FAIR) can help answer some of these questions and produce a credible risk assessment.

Published in: Economy & Finance
  • Secrets To Making Up These secrets will help you get back together with your ex. ♣♣♣ http://goo.gl/FXTq7P
       Reply 
    Are you sure you want to  Yes  No
    Your message goes here
  • Be the first to like this

Cybersecurity aspects of blockchain and cryptocurrency

  1. 1. Cybersecurity Aspects of Blockchain and Cryptocurrency
  2. 2. About Me Tony Martin-Vegue @tdmv • 20 years in Technology; last 10 in Cyber Risk • FAIR practitioner for about 7 years now • Reside in the Bay Area
  3. 3. Book chapter… “Cyber Risk Quantification of Financial Technology”
  4. 4. Paradigms Emerging Risks
  5. 5. From the “Today Show,” 1994 “What is Internet, Anyway?”
  6. 6. Paradigm Shifts
  7. 7. Users Databases Resources Traditional Defense-In- Depth
  8. 8. UsersDatabases Resources New Normal
  9. 9. There is no cloud. Just someone else’s computer
  10. 10. …blockchain is just someone else’s database.
  11. 11. Traditional Defense-In-Depth Beyond the Hard Perimeter • Clear perimeter • Policy enforcement points • Company-controlled hardware, software, data • Access-control based trust models • Compliance: easy to define • Fuzzy or no perimeter • Enforcement points: not applicable • “Ownership” is decentralized • Zero-trust • Still figuring compliance out
  12. 12. Emerging Risks
  13. 13. The Strange Case of Mt. Gox (or, how forgetting the fundamentals can really hurt)
  14. 14. “The One Patch Most Needed in Cybersecurity”

×