CBDCs and cyber-security: resilience considerations when developing digital money
Central bank digital currencies (CBDCs) are an increasingly prominent topic for government authorities worldwide.
CBDCs such as the Bahamas’ Sand Dollar and Nigeria’s eNaira are already live, while the US Federal Reserve, European Central Bank (ECB – for the eurozone) and Bank of England are all stepping up their explorations.
Among the most important considerations facing policymakers and CBDC developers is cyber-security – a topic that (alongside CBDCs themselves), is among the BIS Innovation Hub’s 2023 priorities and also among the 13 public policy principles for retail CBDCs published by the Group of Seven (G7) nations in 2021.
Specific projects examining CBDC’s cybersecurity aspects include ‘Project Sela’, which is being led by the BIS Innovation Hub’s Hong Kong centre and involves the Hong Kong Monetary Authority and Bank of Israel; and ‘Project Tourbillon’, which is being run by the BIS Innovation Hub’s Swiss centre and is focused on cyber-resiliency, scalability and privacy of CBDC.
A UK House of Lords economic affairs committee report, published in January 2022, concluded that a CBDC poses two main security risks: first, that individual accounts could be compromised through cyber-security weaknesses; and, second, that a centralised CBDC ledger could be a target for attack from ‘hostile state and non-state actors’. The report added that while no system design can guarantee absolute security, any CBDC system ‘will need to be adaptable to emerging security threats and technological change, including fast-developing quantum computing’.
This Global Government Fintech webinar asked questions including:
- How are the biggest cybersecurity threats facing CBDCs evolving?
- To what extent, and how, are retail (general purpose) CBDCs a greater cyber-security risk than a wholesale CBDC?
- How important are technology solutions and design choices to keeping CBDCs ‘safe’?
#CBDCSecurity
Panel
Aristides Andrade Cavalcante Neto, Chief of Cybersecurity and Technological Innovation Office, Central Bank of Brazil
Aristides has worked at Central Bank of Brazil (Banco Central do Brasil – BCB) for 25 years. He is currently chief of the cybersecurity and technological innovation office, as well as deputy head of the IT department. He is in charge of fostering and collaborating on initiatives related to cybersecurity and technological innovation in Brazil’s financial system, including leading the IT team on the South American nation’s CBDC initiative. At the central bank, he has conducted research about blockchain technology, quantum computing and served as chair of a study group about CBDC and cyber-resilience. He also co-ordinates the LIFT Lab fintech accelerator initiative; is chair of the Bank for International Settlements (BIS) Innovation Network open finance working group; and in charge of IT co-ordination (on behalf of the central bank) in relation to open finance. He also works in the field of supervision to improve the Brazilian financial system’s cyber-resilience.
Frankosiligi (‘Franko’) Solomon, Senior Digital Expert, International Monetary Fund (IMF)
Frankosiligi Solomon (Franko) works at the IMF’s Information Technology Department (ITD) Digital Advisory Unit as a senior digital expert covering cybersecurity and digital risks. Prior to joining the Fund, Franko worked with the United Nations World Food Programme (WFP) in Italy, providing cybersecurity advisory, platform security architecture reviews and policy documentation. Before the WFP, Franko worked with African Development Bank (AfDB) in Cote d’Ivoire, Tanzania e-Government Authority (eGA), Techno Brain Ltd and HNL. Franko holds a MSc Cybersecurity from Royal Holloway, University of London, and a BSc in Computer Science from the University of Dar es Salaam (Tanzania).
Dr Geoffrey Goodell, Lecturer in Financial Computing, University College London (UCL)
Dr Goodell is a Lecturer in Financial Computing at University College London (UCL) whose work focuses on socio-technical systems in financial services. He is a member of the Bank of England CBDC Technology Forum; steering committee member of the All-Party Parliamentary Group on CBDC; and an associate of the Systemic Risk Centre of the London School of Economics (LSE). He is convenor of two ISO working groups on distributed-ledger technologies and an ISO advisory group on digital currency. He serves on the product advisory committee of the Digital Token Identifier Foundation and is adviser to two European industry groups that focus on digital assets. Dr Goodell is a CFA charterholder and has roughly a decade of experience in the financial industry, first as a strategist at Goldman Sachs & Co and later as a partner and chief investment officer at a boutique asset management firm. His research contributes to knowledge and policy at the intersection of finance, technology and regulation.
Webinar chair: Ian Hall, Editor, Global Government Fintech
Ian is editor of Global Government Fintech and also writes for media including City AM and #DisruptionBanking. He is former UK director for the pan-European media network Euractiv (2011-2018), editor of Public Affairs News (2007-2011) and news editor of PR Week (2000-2007). He was shortlisted for ‘Editor of the Year’ at the British Society of Magazine Editors (BSME) Awards in 2010. He began his career in Bulgaria at English-language weekly the Sofia Echo, with his year in the Balkans (1998-1999) sandwiched between a BA in Economics and MA in Urban & Regional Change in Europe (both from Durham University).
