During the last International Cybersecurity Forum (FIC 2019), a scheduled demonstration attracted a lot of people: Qwant, the European search engine that respects users’ privacy, demonstrated how a Tesla can be hacked with a simple box to open the trunk and doors.
With this example alone, we can identify the whole issue of “Security by Design”, or how security must be thought of before the design of the connected object.
ALL AWARE OF THE RISKS
A great principle of Cyber-Security, is that it is essential that everyone is aware of the risks.
GDPR
“Security by Design” is an integral part of Article 25 of the General Data Protection Regulation.
AN ELEMENT OF MARKETING
According to preliminary figures, it would seem that many actors have taken ownership of this text on the regulation of personal data with 11,000 complaints from individuals in 2018 compared to 8,000 the previous year.
AN ELEMENT OF MARKETING
According to Messari (https://messari.io/), it takes an average of $7 million every day to secure the Bitcoin blockchain network.
The revenues paid to miners for top proof-of-work coins are listed below:
These figures are based on new issuance and transaction fees, eventually finding that Bitcoin produced the maximum output among all the PoW assets, issuing $7.392 million worth of bitcoin tokens every 24 hours and distributing over $115,000 in mining fees
UNSECURE TRANSACTIONS ARE TOO RISKY
According to a recent study relayed by the MIT Technology Review, only around five percent of Bitcoin trading volume is real.
There have been suspicions that the markets are overinflated for a while. In fact, fears of market manipulation have held up regulatory approval for a number of proposed Bitcoin exchange traded funds (ETFs), the eventual approval of which many enthusiasts believe will spur broader adoption of the technology by investors.
Now, in a twist, a company hoping to list an ETF has reported to US financial regulators that around 95 percent of all Bitcoin trading volume has been faked by exchanges.
Bitwise, a crypto-asset management firm, analyzed 81 exchanges, finding that 71 of them exhibited patterns that reflected artificial trading volume. One way to manufacture volume is via a technique called wash trading, in which someone simultaneously buys and sells the same asset.
Although the exchanges in the study reported a combined $6 billion in daily volume during four days this month, Bitwise determined that only $273 million of it was real.
CONCLUSION
As a conclusion, we can say that a technology should be made “secured by design” before being release to the market, otherwise the market will pay much more in trying to recover the damages.
Further more, in the regulations enforced today in Europe (for instance, NIS, GDPR or eIDAS), the notion of “security by design” is clearly expressed as a mandatory requirement.
Not implementing this particular “specification” is a case for non-conformity and can lead to huge fines and eventually a kick-out of the market.
What do you think? Any concern on your side?
