The Bank for International Settlements (BIS) has unveiled a comprehensive framework aimed at bolstering the security of central bank digital currencies (CBDCs) against cyber threats. The BIS highlighted the increasing vulnerability of decentralized finance (DeFi) platforms as an impetus for developing more secure CBDC systems.
In its report, the BIS emphasized the importance of safeguarding the confidentiality, integrity, and availability of CBDC transactions. The framework proposes seven key steps – Prepare, Identify, Protect, Detect, Respond, Recover, and Adapt – to establish control objectives for CBDC systems. These objectives encompass measures such as continuous monitoring, due diligence on cryptographic keys’ security, and utilizing distributed denial-of-service (DDoS) protection services to manage network traffic volume effectively.
To implement this framework effectively, the BIS recommended the creation of a central bank senior leadership and board, a chief security officer, and dedicated IT, security, and stakeholder teams. This collaborative approach aims to ensure the resilience and operational continuity of CBDCs even during disruptive events or attacks on underlying financial institutions.
Despite expressing caution regarding decentralized finance, the BIS has been actively advocating for the adoption of CBDCs. Recently, it published a unified-ledger proposal for cross-border and tokenized asset transactions, demonstrating its commitment to exploring innovative applications of blockchain technology. Earlier collaborations with the Bank of England also showcased BIS’s interest in distributed ledger technology.
Overall, the BIS’s security framework serves as a vital guide for central banks and policymakers in designing robust CBDC systems that address potential cybersecurity risks. By implementing the recommended control objectives and establishing the necessary leadership and governance structures, central banks can enhance the security, scalability, and reliability of their digital currency initiatives.