Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementTechnologies & SolutionsSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingCybersecurity News

Security: The lock and the key to the future of blockchain

By Ronghui Gu
blockchain-tech-freepik1170.jpg
February 28, 2022

The invention of blockchain by Satoshi Nakamoto has changed the course of the 21st century. Decentralized, censorship-resistant technology will only grow in importance over the coming years. Decentralized finance (DeFi) — though just a couple of years old — is already showing the world how it can advance financial inclusion and opportunity for everyone, not just the minority lucky enough to be born in a more economically developed country. But for blockchain technology to fulfill its full potential, the security standard needs to mature.


In 2021, more than a billion dollars were lost to nearly fifty hacks and exploits of DeFi protocols. For an industry that needs greater legitimacy to enable wider adoption, there will have to be a course correction to rebuild trust. Exploits drain funds from the wallets of the users whose participation is essential to continued innovation, deterring existing and potential adopters and setting the whole space back as a result. However, it’s worth noting that 2021’s losses represent a decline in the proportion of market capitalization lost to exploits compared to last year — i.e., though the figure was higher, the real impact was lower.


The fact that market capitalization and other metrics such as total value locked (TVL) have grown so rapidly is proof of the strong demand for decentralized financial services, even if they’re not yet fully mature. This is reminiscent of the early days of the internet when enthusiasts put up with slow speeds, limited functionality, and nonexistent security standards because of their love for the technology.


Blockchain is in good company

Not so long ago, the idea of entering your credit card details into a webpage would have been met with trepidation by most people. The internet was (rightly) viewed as no place for sensitive information. But then along came widespread encryption and the internet changed forever. Hypertext Transfer Protocol Secure (HTTPS) allows information to be transmitted securely between websites and users. Its adoption opened up a whole new range of internet applications, from online banking to the multi-billion dollar world of e-commerce. 


Blockchain is powered by encryption — the same technology that underpins HTTPS and secures the web. The public-key encryption algorithms that secure blockchains such as Bitcoin and Ethereum have never been broken, meaning users benefit from robust security guarantees just by using these networks.


Best practices must be followed, or it gets costly 

There’s more to meaningful security than just encryption. DeFi is powered by smart contracts, which, although extremely powerful and efficient, introduce completely new risks. When smart contract platforms secure tens of billions of dollars worth of digital assets, even a byte-sized error in the code can cause massive financial losses.


That’s why auditing is such an essential step for all DeFi projects. To put it bluntly, there’s really only one incentive for someone to go through the arduous work of inspecting a platform’s code: money. Giving that incentive to a professional auditing team rather than a hacker is an investment that pays out many times over.


Auditing is an essential first step, but it can only review the security of a project at one point in time. Smart contracts are usually interoperable between different blockchain projects, and once deployed, they interact with other contracts in ways that are not always predictable. And new projects can be released that change the playing field drastically from the time a platform was initially audited.


To take it one step further, on-chain monitoring can protect against the risks arising from this shifting landscape. It can provide real-time insights into the overall health of a project and guard against malicious interactions. Monitoring tools sound the alarm as soon as a protocol appears to have been compromised, stemming further losses. And on-chain analytic tools can even work preemptively to set a minimum threshold of security that must be met before two smart contracts are allowed to interact. Think of it as the difference between an analog security camera with limited storage space versus an integrated, smart monitoring system backed up in the cloud. One gives limited insight into a specific time frame, while the other provides deeper insights and proactive alerts. 


Ironing out security will help realize blockchain’s true potential

Effective security is not an afterthought or a hurdle to be cleared once. It’s an ongoing process that must be woven into the core of a product. Routine auditing and post-deployment monitoring combine static off-chain and dynamic on-chain analysis. The result is a comprehensive, end-to-end security solution that provides meaningful protection for the entire lifecycle of a platform.


Blockchain should be known for its powerful security and revolutionary potential, not for the small number of avoidable hacks and exploits that tarnish its reputation. Meaningful security practices must be as prevalent and adopted in crypto as HTTPS is on the internet. This means routine auditing, continuous real-time monitoring, and an ongoing commitment to security from both users and developers as the ecosystem evolves. Then, and perhaps only then, will blockchain technology be free to reach its full potential.

KEYWORDS: blockchain cyber security finance cybersecurity risk management

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Ronhgui gu

Professor Ronghui Gu is the Tang Family Assistant Professor of Computer Science at Columbia University and Co-Founder of CertiK. He holds a Ph.D. in Computer Science from Yale University and a Bachelor’s degree from Tsinghua University. He is the primary designer and developer of CertiKOS and SeKVM. Gu has received: an SOSP Best Paper Award, a CACM Research Highlight, and a Yale Distinguished Dissertation Award.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cybersecurity
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    New Security Technology
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

May 22, 2025

Proactive Crisis Communication

Crisis doesn't wait for the right time - it strikes when least expected. Is your team prepared to communicate clearly and effectively when it matters most?

September 29, 2025

Global Security Exchange (GSX)

 

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • workplace-security-freepik

    Powering the office of the future with a security ecosystem

    See More
  • enterprise wide cybersecurity training

    The first line of defense: Why employees are the key to stronger cybersecurity

    See More
  • Growing and Gaining

    Recruiting the Future of Security: Finding Future CISOs

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing