BIS Unveils Security Framework to Help Banks Develop Secure CBDCs

• The Bank for International Settlements (BIS) introduced a security framework on July 7 to help central banks develop secure digital currencies.
• BIS noted that CBDCs will become “critical national infrastructure” in the future and cyber attacks could have a reputational, operational, and legal impact.
• BIS‘ new Polaris framework provides 7 steps to design and implement system to keep CBDCs secure.

Bank for International Settlements Introduces Security Framework

The Bank for International Settlements (BIS) has introduced a security framework on July 7th, 2021 to help central banks develop secure digital currencies. BIS noted that central bank digital currencies (CBDCs) will become “critical national infrastructure” in the future, with cyber attacks against them among the top five risks with the most significant potential impact. A CBDC system breach could “erode confidence and trust” in the CBDC, the central bank, and the financial system, potentially impacting reputationally, operationally and legally.

Polaris Framework: Key to Secure Digital Currencies

In order to ensure safety of these systems from such threats, BIS has released its new Polaris framework which provides seven steps for designing and implementing an effective security system for CBDCs – especially those built using blockchain technology. The seven steps are: understanding threats; making risk-informed decisions; establishing governance; defining architecture; managing data integrity; managing identity access control; monitoring operations. Through this framework, the central banks can make sure that their systems are well-protected against any malicious actors or technical failures that might compromise their functionality or stability.

Understanding Threats

The first step of this framework is understanding all of the possible threats that may arise when developing a CBDC platform. This includes both external factors such as hackings or distributed denial-of-service attacks as well as internal threats like human errors or programming mistakes which can lead to vulnerabilities within the system itself. It is important for developers to be aware of all of these possibilities so they can take proper measures in order to reduce their risk profile while also ensuring user privacy is maintained throughout development and implementation processes.

Making Risk-Informed Decisions

Once developers understand all of potential risks they need to make informed decisions when it comes to how they design their platform’s architecture and what type of security protocols should be implemented into it in order to mitigate any potential harm coming from malicious actors or other sources of vulnerability. This includes selecting appropriate technology components such as authentication methods or encryption algorithms as well as setting up policies regarding data management in order protect user information from being misused by third parties without authorization from users themselves.

Establish Governance & Define Architecture

The next step involves establishing governance structures which will be responsible for overseeing development process and define who has access rights over different parts of architecture at various times during its life cycle – ranging from initial design stages through maintenance phases until eventual decommissioning once platform reaches end-of-life status. Additionally, developers must also define desired architecture features like scalability needs based on expected usage rates or latency requirements depending on specific applications being used by end users while ensuring compliance with relevant laws governing use cases associated with project’s scope including those related consumer protection regulations if applicable .