A heads-up to CSOs and CISOs. The ability for you to keep up with the continued evolution and introduction of new technologies has been a challenge for years, and it won't end soon. 

Never before in the history of the enterprise security profession has there been such a continuous influx of new and emerging technologies for CSOs and CISOs to get their arms around. A technology that clearly fits into the category of new/emerging technology is cryptocurrencies.This is an issue now and the importance and implications are expected to grow for the foreseeable future.

A cryptocurrency is a medium of value exchange much like traditional currencies such as U.S. dollar, Euro, Yen and so on. Unlike traditional money, there is no physical manifestation of a cryptocurrency nor is it backed by a government authority, at least that is the case at this time. These new forms of money are designed for the sole purpose of exchanging digital information about value through a process made possible by certain principles of cryptography, which is used to secure the transactions and to control the creation of new cryptocurrency units. In July 2016 there were 740 different cryptocurrency types identified, and some predict the total number of cryptocurrencies from the concept’s inception to be around a thousand. Here are what I believe to be the most common cryptocurrencies today. Not in any particular order they are – Bitcoin, BlackCoin, Dash, DogeCoin, and Ethereum.

It is clear that digital money or cryptocurrencies are well underway to becoming a central component in the digital globalization era that we are in today. So what does this mean to CSOs and CISOs? As it turns out, a lot!  Consider all of the computer systems and business processes that will be impacted as more organizations integrate cryptocurrencies as a method of payment. Now think of all the new equipment that will need to be installed if an organization is going to accept cryptocurrencies at physical locations. I recently saw a new retail credit-card reader that was equipped to accept Bitcoins. 

But the use of cryptocurrencies do not stop there, as there is a dark side to this technological advancement. 

We are all familiar with the growing threat of Ransomware. These style attacks are becoming more frequent and more expensive. In fact, the Atlantic recently published a piece titled, “How Ransomware Became a Billion-Dollar Nightmare for Businesses.” That title alone should put this issue in perspective. The article notes how Ransomware now costs small and medium companies at least $75 billion in expenses and lost productivity annually. The FBI has stated that ransomware attacks cost victims a total of $209 million in the first three months of 2016. 

If you do the math from the 2015 figure, you can see an increase of more than 870 percent! Another shocking statistic revealed in that article was that a survey of IT professionals found that 92 percent had clients that suffered ransomware attacks last year. Shocking was the statement that 40 percent sustained at least six attacks. Cybersecurity icon Symantec reported earlier this year that ransomware attackers demanded an average ransom from consumers of $679, up sharply from $294 at the end of 2015. That is a 230-percent increase in just three months. Now, you can understand why some organizations are establishing cryptocurrency accounts, to have the ability to pay ransoms for systems being held hostage. Clearly, this is the norm for ransomware! 

The bottom line is that every CSO and CISO must prepare their organization for an onslaught of ransomware attacks and its associated costs. The first step is to brief your executives and corporate council. I am sure they will want to be involved.