Unintended consequences: How decentralisation can help cybersecurity reinvent itself
Steve Bassi of Polyswarm explains how the network can quickly build micro-engines to tackle emerging threats, and be rewarded in cryptocurrency.
When I was 12 years old, I hacked into a local company's computer system. They found out, and instead of getting angry, they asked if I'd come work for them. I gained technical mentors at a young age which helped shape my viewpoint that information security is all about exploring unintended consequences.
As a society, when we build anything from software to spaceships, we're telling machines how to behave. Computers do what they're told to do, not what we intend them to do. We are engineering complexity so fast that code is created rapidly for machine learning, self-driving cars, and even airplanes. What are the unintended consequences? Our job as security professionals is to point out these vulnerabilities and identify the hackers who are trying to exploit them.
Most anti-malware and anti-virus companies are structured in a way that rewards chasing threats against widely used software. They are financially incentivized to go after large threats to maintain a large client base. And while widespread vulnerabilities are indeed a concern, each of us as individuals are much more likely to be hit by smaller everyday threats. It's the email phishing, attachments loaded with malicious links, and increasingly sophisticated attacks we need to work harder to prevent.
So how can we incentivize quicker threat detection for not only the widespread vulnerabilities, but the smaller and equally malicious attacks that happen each and every day? Decentralization can allow the information security industry to not only be thousands of times more efficient, but to change the very economics of threat detection.
When I led Narf Industries, a security research and development company, we built narrowly-focused solutions to security problems but had no way to widely distribute them to protect a greater user base. But with a decentralized threat intelligence and anti-virus platform, enterprises and end-users can benefit from security experts worldwide who are actively working to protect them from emerging threats.
Incentives are key to this. With PolySwarm, we enlist IT teams and antivirus software companies to spot new files, software, and documents that need to be scanned, and distribute them to a network of researchers around the world. The network can quickly build micro-engines to tackle emerging threats, and be rewarded in cryptocurrency.
Tokens are used for incentives, but the payments don't just go to researchers. The system requires micro-engines to stake tokens on its assessment of the digital products it scans, proving a researcher's confidence in their assertion. Every researcher who makes a correct assessment gets a share of the fee paid for the scan, along with the Nectar that was staked by micro-engines that assessed the digital product incorrectly.
Blockchain technology has the ability to decentralize cybersecurity and redefine its entire economic structure. When you consider threat intelligence, it's easy to forget that we're talking about billions of emails, attachments, and other artifacts that we click each day. By creating decentralized solution to incentivize more effective cybersecurity, we can build a safer future for the digital age.
Steve Bassi, CEO of Swarm Technologies, previously founded Narf Industries, an information security R&D firm, with marquee clients from DARPA to members of the Fortune 500.