Recommendations for Financial Services Industry for Advancing Blockchain Cybersecurity

Microsoft, in association with Chamber of Digital Commerce, has released a whitepaper around technical and policy considerations for advancing blockchain cybersecurity for the financial services industry.


Titled, Advancing Blockchain Cybersecurity: Technical and Policy Considerations for the Financial Services Industry, the whitepaper aims to deepen the cybersecurity policy dialogue among blockchain technology providers, financial services organizations using blockchain and their regulators. The whitepaper offers several policy recommendations applicable to both blockchain users and their regulators that can enable further growth and development of the blockchain ecosystem in a secure manner, while addressing regulatory concerns.


The financial services industry stands to benefit tremendously from the growth of blockchain given the technology’s many financial services applications, including effecting transactions and storing data in a more secure manner. As cyber threats to the industry continue to evolve in complexity and intensity, emerging technologies such as permissioned blockchains can contribute to the important goals of combatting cybersecurity risk and adequately protecting consumers’ financial information and the integrity of the global financial system. Permissioned blockchains offer significant cybersecurity capabilities, share some of the same cyber risks that affect other IT systems, and have unique characteristics, all of which merit further evaluation by regulators and industry.


Some of the key recommendations made in the whitepaper include:


·      Organizations that use blockchain should apply a tailored version of the U.S. National Institute of Standards and Technology (NIST) Cybersecurity Framework. Financial services industry organizations should apply the framework in developing cybersecurity programs for permissioned blockchain networks, subject to a few modifications tailored to the distinct attributes of permissioned blockchains.


·      Regulators and industry should engage in dialogue about blockchain and its use cases, including through regulatory sandboxes. For regulators to understand cybersecurity risk in permissioned blockchains, they first must have a detailed understanding of the technologies and how they operate. Industry participants can help provide this understanding by maintaining an open dialogue with regulators regarding permissioned blockchains, their opportunities and their risks.


·      Regulators should acknowledge the cybersecurity benefits of blockchain. Policymakers should be attuned to blockchain’s unique benefits, including for cybersecurity.  Private sector organizations will look to cues from regulators as to whether and how blockchain can be leveraged to augment ongoing cybersecurity programs and to better mitigate cybersecurity risk.


·      International standards should be harmonized to enable global adoption of blockchain. Prudential regulators and industry should analyze cybersecurity standards that are applied to blockchains, particularly permissioned blockchains, to make sure that such standards are harmonized.

(Image Courtesy:

Categories: News

About Author

Write a Comment

Your e-mail address will not be published.
Required fields are marked*


Recent Comments