The Bank of International Settlements (BIS), an international financial institution owned by the world’s central banks, has recently unveiled a new framework aimed at assisting members in addressing cyber risks associated with their digital currencies.
With several countries, including the US and UK, in the process of developing central bank digital currency (CBDC) systems, the need for robust security measures has become increasingly apparent. The Bank of England, for example, has expressed its intention to introduce a “digital pound” to enhance payment options and instill confidence in the monetary system.
Despite the potential benefits of CBDCs, they remain vulnerable to cyber threats posed by financially motivated cybercrime groups and even nation states. Recognizing this challenge, the BIS has introduced Project Polaris, a security and resilience framework along with a threat modeling exercise tailored specifically for CBDCs.
According to the BIS, a breach of a CBDC system due to cyber-attacks or technical failures could have far-reaching consequences, eroding trust in the infrastructure, central banks, and the financial system as a whole. The framework comprises 100 control objectives organized into a seven-step plan for security and resilience, namely prepare, identify, protect, detect, respond, recover, and adapt.
Central banks are encouraged to leverage the framework to gain a deeper understanding of the evolving CBDC threat landscape, select appropriate technologies for security, and identify areas for capability enhancement. The BIS emphasizes the importance of continuous updates to the framework to align with the dynamic nature of cyber threats and CBDC technologies.
Beju Shah, head of the Nordic Centre BIS Innovation Hub, emphasized the critical role of cybersecurity and resilience in fostering trust in CBDC systems. The framework, he noted, serves as a valuable tool to guide central banks in their CBDC initiatives and ensure the seamless operation of digital currencies for the benefit of society.
In conclusion, the BIS’s new framework represents a significant step towards enhancing the security and resilience of CBDC systems in the face of evolving cyber threats. By equipping central banks with the necessary tools and guidance, the framework aims to safeguard the integrity of digital currencies and maintain public trust in the financial ecosystem.