Blockchain Cybersecurity-While many CPAs may have been introduced to blockchain via bitcoin and other cryptocurrencies, the professional conversation related to blockchain is evolving.
Following the precipitous drop in cryptocurrency prices during 2018, the professional conversation around blockchain has shifted from focusing on price volatility to one focusing on enterprise applications that blockchain can improve.
However, as with any new technology, especially one as potentially disruptive as blockchain, additional considerations, like the impact blockchain will have on controls and other data management issues, need to be factored into the analysis. Cybersecurity is another hot topic, which predates the blockchain conversation, but is also much discussed and referenced by virtually every board and CFO due to the risk that a breach or hack can pose to the operations and financial results of the organization.
Blockchain, due to its tamper-resistant and encrypted nature, has been put forward as a possible solution to storing and communicating data between counterparties on a continuous basis. This is partially a strategic and big picture topic, so let’s take a look at some specifics for CPAs and other practitioners to understand:
Items to Consider
Though the underlying foundation of blockchain is the increased security of information stored therein, the risk of cybersecurity breaches or hacks is not eliminated. To develop or implement any type of blockchain platform, three core elements must be in place:
These components, however, always bring a risk for mistakes, errors, or deliberate omissions that can generate issues for both the system and the data stored therein. Additionally, even if one assumes that the underlying processes are robust and well documented, an important benefit of blockchain platforms is the sharing of data and communicating of information.
Depending on the specific blockchain platform that is utilized, from public (like Bitcoin), to private (like those funded by individual organizations), or a consortium based model (think of a joint venture), control and security considerations will vary. That said, making sure that consistent privacy and protection standards are utilized by network members is an absolute must.
Accounting professionals often handle sensitive information and have access to a wide array of client data, so a cybersecurity conversation is not as abstract as it might initially seem. While cybersecurity concerns and regulations may not have fallen within the traditional wheelhouse of accounting practitioners, the importance of data security and integrity is difficult to overstate.