Can bitcoin-style decentralisation help prevent data breaches?
Tide was founded in 2018, and this year won a tender with the Department of Defence. It has also formed a strategic partnership with global IT giant NTT and has a research partnership with RMIT and several other leading universities.
Cyber ‘herd immunity’
Tide’s technology introduces a form of “cyber-herd-immunity” by allowing organisations to protect the keys to their most sensitive digital assets behind a global decentralised network of organisations, removing any single point of failure or vulnerability.
Organisations utilise Tide’s network to lock their sensitive customer data with keys that are only available for specific use, in specific intervals, held in hermetic secrecy – all policed by an entire network that works on consensus, outside the reach of any single organisation or individual, including Tide itself.
“It doesn’t rely on honesty or availability of the nodes on the network – so there’s no one place to attack to impact its performance or security,” Mr Loewy said.
He said IT staff held immense power over organisations because of their authority over systems and unfettered ability to access sensitive data. Most major data breaches were not because systems had been breached, but because access credentials had been compromised.
“Optus and Medibank, like any other company, have people that operate and manage systems that have carte-blanche access over every piece of data they collect. All it takes is for that person, or system to be compromised for this data to be taken en masse – and there’s literally nothing anyone can do about it,” he said.
“This Achilles’ heel exists in virtually every company on the planet. Until the cybersecurity paradigm is changed we’ll be seeing these headlines regularly.”
Mr Loewy said Tide’s technology was built on the concept of decentralisation inspired by cryptocurrencies that might have become a medium of speculation but had endured and proved their superior security resilience,
“The bitcoin network ripped any authority out of the platform. You are trusting mathematics, not people,” he said.
“It’s one of the most resilient concepts from a security perspective. We applied those same principles to introduce that same resilience to any traditional IT system or platform.”