CBDC Security: the BIS framework aims to reinforce the global financial system’s resilience to cyber threats.
The Bank for International Settlements (BIS) is an institution owned by constituent central banks. Notably, it has taken significant steps to address the rising cybersecurity threats faced by central bank digital currencies (CBDCs). In a recent report, the BIS highlighted the need for enhanced security measures due to the increasing exploits against decentralized finance (DeFi).
The BIS recognizes the urgency for robust security measures in CBDC systems, citing recent smart contract hacks in the DeFi sector. These hacks resulted in substantial value loss, underscoring the potential security risks faced by CBDCs.
Framework for Defending CBDCs
The BIS report emphasized the importance of security frameworks in ensuring the confidentiality, integrity, and availability of CBDC transactions. CBDC systems must possess the capability to dynamically scale in response to sudden surges in transaction volumes.
Additionally, these systems should be designed to operate without any single points of failure. This ensures uninterrupted functionality even if the underlying financial institution experiences outages.
The BIS stated:“To effectively implement control objectives tailored to CBDC systems, this framework follows a structured approach encompassing seven essential steps: Prepare, Identify, Protect, Detect, Respond, Recover, and Adapt.”
Within these seven steps, the framework encompasses a total of 104 control objectives. Some of these objectives include implementing a 24/7 monitoring and alerting function, conducting thorough due diligence on the security of cryptographic keys. In addition, leveraging Distributed Denial of Service (DDoS) protection services to alleviate network traffic volume.
To successfully execute this framework, the BIS emphasizes the need for key stakeholders to establish a central bank senior leadership and board. They also highlighted the need toappoint a chief security officer, and assemble dedicated information technology and security teams.
BIS’s Stance on CBDC Adoption
Despite caution regarding decentralized finance, the BIS has consistently shown support for the adoption of CBDCs. In June, the organization published a unified-ledger proposal for cross-border and tokenized asset transactions. This was to further showcase its commitment to advancing CBDC technologies.
Additionally, the BIS concluded a distributed ledger technology collaboration with the Bank of England in April. This further highlighted its dedication to exploring innovative solutions for digital currencies.