The Big Deal About Bitcoin

Bitcoin gets a lot of hype. There’s fascination with the first digital currency to gain traction in the financial world, and a bit of dark-side panache about the development. It’s the preferred payment system for cybersecurity ransom demands. A few years ago it was getting high usage from illegal drug peddlers and other miscreants. There was also a highly publicized hack of one of the major exchanges, Mt. Gox.

Now Bitcoin is gaining more attention not only because it’s an electronic means for making payments but because of its inner workings and a unique quality that promises to shift the world of money transfers.

Bitcoin is a decentralized payment system. Two individuals or entities can transfer value without the need for a centralized overseer. In other words, it’s electronic cash held in an electronic wallet. Decentralization is attractive for a lot of reasons, but it’s the currency’s reliability and security that stand out. You can rely on a Bitcoin transaction being genuine. That’s because its “block chain” is hardened against tampering or revision.

Remember that term. Blockchain (as it’s most often cited) will be one of the buzzwords of the financial field over the next five years as reputable organizations adopt alternatives to the “rails” of the ACH, card systems, and alternatives. This is not a short journey. It won’t even be free of bumps along the way, but it’s another disruptive new entry. And it’s worth watching to see if it could give way to something even more powerful that maintains all the advantages of its predecessor. Just look at the millions of dollars of venture capital flowing into Bitcoin-related businesses.

Even if Bitcoin itself doesn’t have a long run, I believe that the blockchain will. The ability to transfer funds at the speed of e-mail and at very low cost between individuals located anywhere in the world, without conversion fees or international currency wars, is a game-changer. I believe we’ll see the blockchain being used earliest for international transfers, but long term for secure tracking of everything from legal services to land titles.

Strategy, Not Knee-Jerk

Today a lawmaker who was briefed on the Federal Office of Personnel Management breach of employee data leaked that the incident is far worse than originally reported. Not 4 but maybe as many as 14 million records of federal employees, past and present, are in the hands of the bad people. Very disturbing. http://bloom.bg/1Fc8EMx

These record sets are what is known as “fulls” or “fullz” in hacker lingo. They are full sets of information: names, addresses, phones, social security numbers, pay, health records, military service records, and – most damaging – security clearances. Think of the opportunities. Think of the damage. Think of the outrage from the victims that their very safety and personal property have been exposed.

Plus it may have come from China.

But what bothers me most is the knee-jerk reaction from the Congressional hawks. They want a response. They want to declare war. They want to go to the alleged perps’ servers and destroy data. John McCain is almost shouting for a “preemptive strike.”

It’s another example of governmental leaders making quick decisions without thinking through the implications or consequences. Cyberwar is nothing trivial. Not only could it unleash a storm of “weaponized code” – as my clients in the information security world call it – but it may not come only from a few sources like China or North Korea. The entire hacking community could get involved. That’s a lot of enemies. The implications are chilling.

McCain spoke about the ability to shut down the US power grid from abroad. If the US declares cyberwar we can probably expect exactly that type of action. The hawks will have guaranteed it. Often the government takes action without thinking through the unintended consequences.

Stuxnet, the malware developed to attack Iran’s centrifuges concentrating nuclear material, turned out to be reverse engineered and various versions were dropped back into US systems and weapons systems.

Let’s not forget that the Snowden incident was a game-changer. One person was able to create an entirely different perception about government collection of data on upstanding citizens. He revealed the capabilities of the NSA and the US Cyber Command. Cybersecurity is an area where one person can create significant damage.

It is never good strategy to reveal your thinking to your enemy. “What’s wrong with you Santino? Never let someone outside of the Family know what you’re thinking.” Is it really a good idea to rattle sabers if you don’t have a prepared strategy to back it up? We can almost guarantee that one does not exist.

The smart way to approach this problem is with a two-pronged effort. One is the ratification of US and worldwide law that provides severe penalties for these actions. That’s what McCain should be backing and initiating with his history of taking brave political initiative. But the other prong should be a robust but clandestine plan to penetrate, invade, creatively disable enemies and deal with as many resulting contingencies as possible.

April, 2013 - What We're Watching in the Practice

Here’s a quick synopsis of projects, presentations, and work we’ve done over the recent past. I’m also including some trends we’re seeing from the work. It’s been a hectic several months as we’ve found a permanent place to live in a new city, remodeled a dwelling, and settled into home and office.

These days a great number of economic forecasting assignments come my way and the last two months have been no exception. I was asked for three economic forecasts in agriculture, manufacturing, and construction. It’s encouraging to be able to pass along relatively positive news and projections for a change.

Heaviest implications – the effects of a major cybersecurity breach on national/regional economies. Three years ago I moderated and did the closing keynote presentation to the most influential global meeting of information security professionals. 90% believe a major breach is imminent. The Pentagon has ramped up tactics, “weaponized code” is loose on the Internet, information security is now mixed into global conflicts and efforts to prevent access to nuclear weapons. This is a big deal and surprisingly it goes unconsidered in most business planning.

Most overlooked development – the quiet but impactful use of robotics. The development of devices like Baxter and the continuing utilization of manufacturing robots have quietly cut into employment. Expect deeper cuts in the next ten years. With the price point dropping, capability rising sharply, and programming getting easier, look for these intelligent machines to slide into society under the radar.

Trending upward – succession is taking the biggest uptick in my consulting assignments. Transfer of business, top management replacement, and governance are areas where I see rising demand. With Boomers flooding over the 65 age-line and smaller pools of obvious successors available, this is going to occupy more of my time in the coming years.

Longer term and interesting – the extraordinary transition society will make as energy sources swing from fossil fuels to renewables. It’s obvious that the effectiveness and adoption of renewable energy sources is poised for a rapid spurt. Legacy businesses have not thought through the implications for their own fields. The swing will most probably take place in the next 15-20 years.

I believe it’s shrewd to have social media presence although how this field gels in the next five years is still uncertain. I like the utility of Twitter as a scanning aid and I also post sporadically. It’s also interesting to watch who follows the posts. I make no effort to attract followers but I find myself following many who find my posts useful.