With malicious hackers scamming blockchain businesses out of millions of dollars every month, cryptocurrency will need better digital protection going forward – but the emerging industry is struggling to recruit cybersecurity professionals amid a climate of fear and mistrust.
Although the number of cybersecurity workers topped the one million mark last year in both the US and Europe, it is thought that many of these are refusing to work with blockchain companies – because they doubt the platform and do not understand it.
Charles Pritzl, competency director at recruitment firm Experis Practices, confirmed the trend in a CyberNews interview.
“Although blockchain has been around for several years, it has not been until recently that there has been an uptick in web 3.0 talent recruitment,” he said, adding that the complexity of the technology had “scared off” a lot of conventional cybersecurity professionals.
Fresh blood needed
Calling for a new breed of tech-savvy specialists to be cultivated, he said: “Companies will need to look to a younger population that has more experience with crypto, DeFi, and blockchain for security resources. Many of the ‘old guard’ pen testers do not relate to the new technology. Buying NFTs of a digital ape for seven figures is hard to understand – is this a fad like [1980s stuffed toy range] Beanie Babies, or is it artwork that appreciates over time?”
In regard to concerns raised about the security of blockchain, Pritzl urged developers to “shift left,” an industry term for implementing best practice earlier on.
“Companies need to make security part of the initial software design,” he said. “It is no longer acceptable to test an application's security after it is coded. The testing and security validation need to be performed throughout the software life cycle.”
Start-ups too hasty, states too slow
Pritzl also insisted that blockchain is not fundamentally more insecure than other platforms, but said the problem was caused by overly ambitious start-ups rushing to get their products out quickly.
“The world of DeFi is moving so fast with companies wanting to lead the way, that they sometimes sacrifice security to be first,” he said. “The old adage pertains: you are only as secure as your weakest link.”
But he dismissed the notion that state regulation would be of help in making blockchain more secure, largely because the process of lawmaking is too ponderous to keep up with the industry.
“You cannot ‘regulate’ security into technology,” he said. “The advancements move faster than any government regulation. Standards can be defined, companies can build and test according to those standards and regulations, yet hacks will still happen. The bad actors are multiple steps ahead.”
Governments are better off investing their energy in innovation rather than policy, he added.
“The technology is getting a lot of hype right now due to the run-up of NFT values and the metaverse. What has not received a lot of hype is the work that financial institutions and the government have dedicated to these technologies in preparation for when it goes mainstream.”
More from CyberNews:
Subscribe to our newsletter