DTCC calls for blockchain security consortium

The Depository Trust & Clearing Corporation (DTCC) has called for an industry consortium to develop a coordinated strategy for addressing security risks in the implementation of distributed ledger technology (DLT) in financial services.

The market infrastructure group published a whitepaper, suggesting a review of existing security guidelines to fill gaps in the approach to DLT security.

According to the paper, the establishment of a DLT Security Framework would:

• Assist in the completion of risk evaluations across an individual firm’s security assessments via best practices and tools, such as risk management and oversight, cyber security controls, third-party management and incident management.
• Address key aspects of the DLT key management lifecycle, including specific security considerations associated with the creation, maintenance, storage and disposal of sensitive information.
• Provide security guidance and practices respective to account access with the use of cryptographic hash functions, standard authentication methods and bridging the security gap between DLT and traditional IT environments.

“With adoption of DLT across the financial services ecosystem likely to continue to increase in the coming years, we need to be certain that all DLT-related security risks are identified and addressed to maintain the safety and stability of the markets,” said Stephen Scharf, chief security officer at DTCC.

“DLT offers great potential, but as with any new technology, it also comes with certain risks - traditional security measures may not be adequate, so it is critically important that this topic is top of mind for any DLT implementation.”

DTCC proposed a coordinated strategy around the development of a principles-based framework to identify and address DLT-specific security risks.

“As is common in IT security communities, frameworks must be widely available, generally agreed upon, and commonly adopted - as best practices mature, they can be adopted into a formal framework and used for financial industry participants and regulators alike,” added Scharf.

    Share Story:

Recent Stories

The Rise of Instant Payments
Instant payments are creating new business opportunities for banks by providing more touchpoints than ever. With these evolutions underway, Featurespace brought leading industry experts together to discuss how they are protecting customers from fraudsters in real time, utilizing innovative and disruptive solutions to reduce fraud. Click here to find out more.

Offloading Cyber Risk in the Cloud
As cyber attacks and data breaches are in the news on an increasingly regular basis - with regulatory penalties and customer trust on the line for financial services firms - it has never been more crucial to be compliant in the cloud.

This video, with Akamai’s EMEA director of security technology and strategy Richard Meeus, will help explain what your company can be doing to make sure it’s not embroiled in the next big fine or front-page scandal.