• Security and risk management leaders can ensure successful application of blockchain for data security by managing expectations and planning for the imminent evolution of the technology.
Although there is a whole wide world of possibilities when it comes to applications for blockchain, certain functions have been a natural fit for the technology from the start. The ‘natural fit’ is the direct result of the perfect match formed between a certain requirement and blockchain’s features – immutability, transparency, and decentralized control. One such requirement that can naturally benefit from blockchain is data security. Theoretically, the use of blockchain for data security applications seems common sensical. However, practical application of the technology in data security is not as straightforward due to the numerous challenges associated with blockchain, mostly stemming from the technology’s immaturity. Security and risk management leaders should thus ensure the success of their organization’s blockchain projects by steering clear of the hype and taking a rational approach. Following are three concrete guidelines to ensure organizations stay on track with their blockchain venture and make the most out of it:
1. Identify the benefits of blockchain for data security
Blockchain provides numerous benefits to data security, as compared to traditional data security technologies. The benefits include decentralization, absolute immutability, and transparency, among others. Security and Risk Management (SRM) leaders should identify and prioritize the benefits that would add maximum value to their specific application areas. To identify the most relevant benefits, SRM leaders must first clearly understand the advantages of blockchain-based data security, and differentiate it from those of the existing technologies. Clearly understanding blockchain and its capabilities will not only help SRM leaders manage expectations for blockchain projects better, but will also ensure that the use of blockchain is truly justified, and not a hastily planned endeavor driven purely by hype.
2. Expect and plan for changes in technology
Blockchain’s immaturity is a significant factor that SRM leaders need to be aware of and come to terms with. As a consequence of its immaturity, the technology is constantly evolving and is approaching stability through rapid changes. Currently, there are no industry standards governing blockchain applications, and hence it is too early for making any long-term technological commitments that may be annulled in the future. Instead, SRM leaders should plan all blockchain projects with the assumption that the existing applications will run their life cycles out within a short-intermediate term. Planning for the quick redundancy of existing forms of blockchain and setting short-term milestones will help in mitigating the risks associated with the immaturity of the technology and the resulting uncertainty.
3. Experiment with low-risk applications first
In line with the above recommendation, businesses should keep in mind the rapid evolution of blockchain to plan short-term projects and aim for low-risk areas of application. SRM leaders planning to use blockchain for data security must lay emphasis on starting small and clearly outlined steps to minimize risks. For pilot projects and proof-of-concept initiatives, SRM leaders must choose the operations that are at the periphery of the business. For experimental data security projects using blockchain, businesses should target non-core, non-critical data stores. Using core data sources such as those containing customer information and sensitive financial data can prove risky for the initial blockchain-based data security projects.
Although blockchain can potentially change the world in numerous ways, initial applications of the technology should focus on changing the small aspects of business. The biggest mistake any business can make with blockchain is expecting it to do too much, too soon. This is where technology leaders, CIOs, and security and risk management leaders can educate the business leaders and help in managing expectations.
