The Bank for International Settlements (BIS), the financial arm of central banks, has introduced a framework to safeguard central bank digital currencies (CBDCs) from cybersecurity threats. The BIS emphasized the importance of protecting the confidentiality, integrity, and availability of CBDC transactions in its report. The framework aims to ensure that CBDC systems can scale dynamically, operate continuously, and function even during disruptions to underlying financial institutions. It also addresses the need for resilience in handling sudden surges in transaction volume .
The framework comprises seven steps: prepare, identify, protect, detect, respond, recover, and adapt. These steps encompass 104 control objectives, including activities such as continuous monitoring and alerting capabilities, due diligence on encryption key security, and the use of distributed denial-of-service (DDoS) protection services to mitigate network traffic. The BIS recommends the establishment of central bank senior leadership and boards, chief security officers, and various IT, security, and stakeholder teams to implement the framework effectively.
Despite expressing caution towards decentralized finance, the BIS has consistently supported the adoption of CBDCs. In June, the organization published proposals for a unified ledger to facilitate cross-border and tokenized asset transactions. Additionally, in collaboration with the Ban k of England, the BIS outlined plans for distributed ledger technology in April. The BIS's focus on cybersecurity reflects the need to ensure the resilience and security of CBDC systems as they become an integral part of the global financial landscape.
