Cyber Resilience of the Central Bank Digital Currency (CBDC) Ecosystem
Introduction
This note provides an overview of the cyber resilience challenges faced by the CBDC ecosystem, focusing on the design and technology choices that impact cybersecurity. It aims to offer practical advice to policymakers on how to enhance the resilience of CBDC systems.
Section I: Cyber Risk: Context and Overview
The note begins by discussing the broader context of cyber risk and provides an overview of various types of cyberattacks and threat actors.
Section II: Cyber Risk in the CBDC Ecosystem
- Interconnected Nature: The CBDC ecosystem is highly interconnected, making it vulnerable to cyberattacks.
- Cyber Risk Perimeter: Defines the scope and boundaries of cyber risks within the CBDC ecosystem.
Section III: Design and Technology Choices: Cybersecurity Implications
The section explores different design options and their cybersecurity implications:
- Distribution Model: Discusses the implications of different distribution models on cybersecurity.
- Token or Account-Based Models: Analyzes the differences between token-based and account-based systems in terms of security.
- Ledger Design: Evaluates the impact of different ledger designs on cybersecurity.
- Offline Functionality: Examines the role of offline functionality in enhancing cybersecurity.
- Use of Third Parties: Considers the use of third parties for critical services and their impact on cybersecurity.
Section IV: Foundational Requirements and Good Practices for a Resilient CBDC Ecosystem
The final section outlines the key principles, foundational requirements, and good practices necessary for building a resilient CBDC ecosystem:
- High-Level Principles: Provides overarching principles for protecting the CBDC ecosystem.
- Foundational Requirements: Details the essential requirements for ensuring cybersecurity.
- Good Practices: Outlines best practices for enhancing cybersecurity.
- Cyber Resilience and Project Management: Highlights the importance of project management in achieving cyber resilience.
Appendices
- Table 1: Lists types of cyberattacks.
- Table 2: Categorizes threat actors.
- Table 3: Describes cyber risk management at various stages of CBDC projects.
- Figure 1: Illustrates the link between cyber risk and operational risk.
- Figure 2: Shows the interconnected nature of retail CBDC ecosystems.
- Figure 3: Breaks down elements of security in a CBDC.
- Figure 4: Maps risks to the ASAP model.
Glossary
Provides definitions for key terms related to cybersecurity, aligning with the FSB Cyber Lexicon and other relevant standards.
Key Points
- Cyber Risk: The combination of the probability of cyber incidents occurring and their impact.
- Cyber Resilience: The ability of an organization to continue its mission by anticipating and adapting to cyber threats and recovering from cyber incidents.
- Design Options: Different approaches to distribution, ledger design, and third-party usage that affect cybersecurity.
- Foundational Requirements: Essential elements for securing the CBDC ecosystem.
- Good Practices: Best practices for enhancing cybersecurity in CBDC projects.
This summary provides a comprehensive overview of the key aspects and findings discussed in the note, focusing on the design, technology, and foundational requirements for enhancing the cyber resilience of CBDC ecosystems.