BIS unveils 7-step security framework for blockchain-based CBDCs
BIS' new Polaris framework will help central banks design and implement system to keep CBDCs, specially those using blockchain, secure.
The Bank for International Settlements (BIS) introduced a security framework on July 7 to help central banks develop secure digital currencies.
BIS noted that central bank digital currencies (CBDCs) will become “critical national infrastructure” in the future. And cyber attacks against critical infrastructure are among the top five risks with the most significant potential impact.
According to BIS, a CBDC system breach could “erode confidence and trust” in the CBDC, the central bank, and the financial system. Additionally, the CBDC hack could have a reputational, operational, and potentially legal impact, BIS noted.
Addressing gaps
Recently, BIS analyzed blockchain attacks in the decentralized finance (DeFi) space. The analysis revealed that there are “gaps in existing threat modeling techniques,” which means that CBDCs, especially those using digital ledger technology (DLT), may not be sufficiently protected against the tactics employed by attackers in the DeFi space.
BIS’ new 7-step framework called Polaris addresses these gaps to help central banks avoid the risks associated with a CBDC breach.
It is worth noting that many central banks and governments have shied away from using DLT technology in their CBDC, potentially because of the associated risks. For instance, designers of the digital pound “Britcoin” have said that the CBDC may not be based on a blockchain. China’s digital yuan also does not employ DLT.
The seven steps of the Polaris framework are: Prepare, Identify, Protect, Detect, Respond, Recover, and Adapt. Beju Shah, Head of Nordic Centre BIS Innovation Hub, noted:
“Cybsesecurity and resilience are essential to underpinning trust in CBDC systems so they work for everyone in society whenever and wherever. This framework can help guide central banks in their CBDC initiatives.”
BIS said that central banks could use the Polaris framework to recognize the emerging cyber threat landscape around CBDCs. The framework will guide central banks in adopting new technologies to support and secure their CBDC.
Additionally, the framework will help monetary authorities understand their capabilities that can be leveraged for the CBDC system while identifying areas where capabilities need to mature. Lastly, the framework will help central banks identify new capabilities to implement to operate a secure CBDC.
BIS said the framework is a baseline that will be periodically updated to keep it relevant against emerging risks and threats to CBDC systems.