Blockchain is gaining traction today, but critics who question the scalability, security, and sustainability of the technology remain. Deloitte member firms across the globe are continuing to collaborate to build blockchain capabilities to develop world class solutions and services for clients.

This paper specifically explores the security of blockchain capabilities, looking at a number of aspects including:

• Blockchain’s current level of security from a system and data perspective for both public and private ledgers
• The CIA security triad model, composed of three areas; (1) confidentiality, (2)integrity and (3) availability will be referenced to assess the current maturity level of blockchain technology
• Authentication, Authorisation and Audit (AAA), and Non Repudiation, fundamental security aspects for protecting information and designing / managing new systems and networks.

It also takes into consideration overall integrity, availability and confidentiality.

No cyber defense or information system can be regarded as 100 % secure. What is deemed safe today won’t be tomorrow given the lucrative nature of cybercrime and the criminal’s ingenuity to seek new methods of attack. Although some of the blockchain capabilities provide data confidentiality, integrity and availability, its cyber security controls and standards need to be adopted for organisations using blockchains within their technical  infrastructure in order to protect their organisations from external attacks.