
Defeat Data Breachers' Minds: Blockchain with Bounded Rationality to Advance Information Security

 

 


Source
Journal of Information Systems Security
Volume 20, Number 1 (2024)
Pages 27–48
ISSN 1551-0123 (Print)
ISSN 1551-0808 (Online)
Authors
Yuanxiang John Li — Suffolk University, Boston, USA
Benjamin K. Ngugi — Suffolk University, Boston, USA
Frank M. Lin — California State University, San Bernardino, USA
Publisher
Information Institute Publishing, Washington DC, USA

 

 

Abstract

The fundamental design of contemporary security models leaves opportunities and incentives for hackers and insiders to breach a company’s information assets due to the centralized control of the trusted third party (e.g., governments, banks, corporations). The mechanism of Blockchain has recognized this flaw as the central point of failure. This conceptual paper introduces Blockchain, the first native digital medium for securely transferring value over the Internet. It discusses how Blockchain, with bounded rationality, can undermine the motivations of breachers to secure information assets as information security research has switched from defending the products of hackers to hackers themselves. We reviewed the literature about Blockchain, bounded rationality, and information security to discuss how Blockchain can complement and improve current information security defense models, especially in preventing external hackers and reducing insider breaches. Our illustrations in the paper show that applications of Blockchain with current cybersecurity countermeasures can dramatically increase the complexity of compromising information assets and significantly advance information security.

 

 

Keywords

Blockchain, Information Security, Bitcoin, Bounded Rationality, Data Breach.

 

 
