Twelve years after its birth, blockchain technology has now become mainstream. Its market adoption can be attributed to the industry and blockchain enthusiasts who pushed for new regulations. Statista projects that blockchain opportunities are expected to grow from US$1.5 billion in 2018 to US$15.9 billion by 2023 as more than 50 percent of global enterprises seek to incorporate blockchain technology into their overall business and technology stack to support their specific blockchain use cases. Accordingly, IT auditors and cybersecurity professionals will need to prepare and upskill themselves with the required blockchain knowledge as part of the basic repertoire to be relevant in supporting the needs of this demanding technology.
Back in 2016, when I first started to learn about blockchain technology, blockchain-related information was limited to cryptocurrencies and crypto-mining provided by crypto-enthusiasts and crypto-miners. Since there, we have transitioned from information scarcity into information overload with the abundance of resources for learning and understanding blockchain technology from sites such as Coindesk, Coursera, Udacity, YouTube, etc. Unfortunately, in some ways, the flood of information only complicates the learning process as information is more confusing and difficult to digest due to the large number of blockchain platforms. With the release of ISACA’s Blockchain Framework and Guidance, ISACA seeks to provide a single source that addresses an overview of blockchain, including history, types, benefits, features, concepts and use cases, and offers a framework for the adoption of blockchain technology across enterprises. This document is the result of the collective efforts of many volunteers, including industry authors and expert reviewers.
The ISACA Blockchain Framework and Guidance provides foundational information, practical guidance and proposed tools for proper blockchain implementation, governance, security, audit and assurance. The unique aspects of blockchain technology and the blockchain touchpoints within existing technology ecosystems are explained in detail. In addition, Blockchain Framework and Guidance maps existing technology implementation disciplines into the process of blockchain adoption. This document is an ideal companion for the chief technology officer/chief information security officer/product team/frontline employees and the legal team (external or internal) to provide:
- Insight into the underlying working mechanics of the technology and the IT risk it may entail
- Understanding into how blockchain may affect the products/services that the enterprise offers and how the changes are likely to be received by customers/partners/vendors
- Advice on regulatory issues and changes that may be needed in contracts and other legal documents
For executives, ISACA also produced a shorter and more concise summary document, the ISACA Blockchain — An Executive View, to provide the summary of core concepts, use cases, and enterprise advantage and disadvantages, including security and privacy risks that executives need to know to shape strategic direction around the business of blockchain. Both documents will be available for immediate download from the ISACA Bookstore at no cost for ISACA members.