As cyber threats to the industry continue to evolve in complexity and intensity, emerging technologies such as permissioned blockchains can contribute to the important goals of combating cybersecurity risks and adequately protect consumers' financial information and the integrity of the global financial system, tech giant Microsoft said on Friday.
Ahead of the release of its white paper 'Advancing Blockchain Cybersecurity: Technical and Policy Considerations for the Financial Services Industry' to be published jointly with the Chamber of Digital Commerce, Microsoft claimed that the financial services industry stands to benefit tremendously from the growth of blockchain, given the technology's many financial services applications, including effecting transactions and storing data in a more secure manner.
Furthermore, the firm stated that permissioned blockchains offer significant cyber-security capabilities, share some of the same cyber risks that affect other IT systems, and have unique characteristics, all of which merit further evaluation by regulators and industry.
Microsoft's whitepaper offers several policy recommendations applicable to both blockchain users and their regulators. By providing recommendations for the industry as well as the government, Microsoft looks to reinforce the notion that cybersecurity is a shared responsibility, adding that technology users have a role to play alongside government bodies, particularly with regards to cyber risk management.
Microsoft recommended that organisations that use blockchain should apply a tailored version of the U.S. National Institute of Standards and Technology (NIST) Cybersecurity Framework. Financial services industry organisations should apply the framework in developing cybersecurity programs for permissioned blockchain networks, subject to a few modifications tailored to the distinct attributes of permissioned blockchains.
Furthermore, it stated that regulators and industry players should engage in dialogue about blockchain and its use cases, including through regulatory sandboxes. For regulators to understand cybersecurity risk in permissioned blockchains, they first must have a detailed understanding of the technologies and how they operate. Industry participants can help provide this understanding by maintaining an open dialogue with regulators regarding permissioned blockchains, their opportunities and their risks.
Regulators should also acknowledge the cybersecurity benefits of blockchain. Policymakers should be attuned to blockchain's unique benefits, including for cybersecurity. Private sector organisations will look to cues from regulators as to whether and how blockchain can be leveraged to augment ongoing cybersecurity programs and to better mitigate cybersecurity risk.
Microsoft also called for international standards to be harmonised to enable global adoption of blockchain. Prudential regulators and industry should analyse cybersecurity standards that are applied to blockchains, particularly permissioned blockchains, to make sure that such standards are harmonised. (ANI)