On The Cyber Security Matters Podcast we were delighted to be joined today by Marco Pineda, an international CISO with a particular specialism in the finance industry. Episode 10 saw us unpacking Marco’s 20 years of experience in information security and talking about the security impact of DLTs. Read on for his insights into the changes coming to the industry following recent concerns around blockchain and crypto.
What does distributed ledger technology (or DLT) and its applications mean for the future of the global financial industry?
As far as DLT is concerned, you need to understand what the application is. They’re great technologies for environments with a low trust atmosphere, such as cross-border cooperation or between companies where you need an intermediary to provide that trust. It’s a very interesting kind of technology. One of the best uses of DLTs is cross-border customs and documentation for bills of trading. Each government has their own systems, and people need to know how to get documents across that each government will trust.
What are the security challenges that these technologies present?
It’s mostly the distribution, but understanding and the maths behind it is certainly a challenge too. There’s the additional concern that your system might be sitting on top of other systems that you don’t control at all. That’s an interesting risk facet that might be unique to the DLT area, because if I put a ledger out there, by definition, somebody else is managing that ledger. They’ve got their own machine. They’re taking care of it themselves. It’s their copy of it. I haven’t yet heard a good risk analysis on what that actually means for a company.
How can security frame itself more positively to help enterprises reach their financial goals, instead of being viewed as a cost centre?
We can take a cue from our colleagues who are trying to see how they fit in with the overall business strategy. You need to show your value to the company, which comes from looking at your portfolio of services / products, and seeing how they can support the business’ strategy. Take some initiatives here and there, offer people proposals. At the end of the day, you need to prove your direct business impact. That means doing things like protecting documents so that your business can ship information and do secure collaboration. Those are the things that security professionals can do that helps a business directly. Get creative, take a look at what your skill sets are, what your services have, and see how they might be able to support the business in their goals.
To hear more about the impact of Cyber Security in your business, tune into the full episode of The Cyber Security Matters Podcast here.
We sit down regularly with some of the biggest names in our industry, we dedicate our podcast to the stories of leaders in the technologies industries that bring us closer together. Follow the link here to see some of our latest episodes and don’t forget to subscribe.