The Depository Trust & Clearing Corporation (DTCC), a global financial market infrastructure giant, says that traditional IT security frameworks must be updated to tackle the blockchain.
From Discover on Google https://t.co/3jCx92oh6G — XRP IS IT (@Raymond47640780) February 13, 2020
On February 12, it has been reported that an official press release took note of the expected rise in the adoption of distributed ledger technology like blockchains in financial services globally.
However, the DTCC has published a new white paper, Security of DLT Networks, which recommends the creation of a comprehensive, DLT-specific Security Framework and, potentially, an Industry Consortium that would spearhead research into standards and guidelines for the sector.
In its white paper, DTCC notes that at present, DLT in financial services is characterized by fragmented standards and guidance with respect to technology-specific security risks.
The industry giant recognizes that DLT implementation is poised to offer multiple actors a wide gamut of value propositions, notably “strengthened identity measures, improvements in information preservation and data integrity, processing efficiencies, increased operational capacity, and compliance effectiveness.”
Yet with these benefits come new risks, with better standards needed to ensure DLT interoperability, the consensus around terminology, effective governance and robust digital identity management.
The paper argues that all financial industry stakeholders thus have an interest in contributing to the creation of a DLT security framework.
At the level of individual firms, DTCC notes that best practices should be established spanning risk management and oversight, cybersecurity, third-party management, and incident response.
Moreover, technology-specific considerations should be taken into account for the creation, maintenance, storage and disposal of sensitive data. These considerations would aim to bridge the security gap between DLT and legacy IT environments and establish standard authentication methods with attention to the use of cryptographic hash functions.
In a statement, Stephen Scharf, the Chief Security Officer at DTCC, said:
“As is common in IT security communities, frameworks must be widely available, generally agreed upon, and commonly adopted. As best practices mature, they can be adopted into a formal framework and used for financial industry participants and regulators alike.”
As it has been reported, this is not DTCC’s first foray into tackling the global policy standards it judges to be necessary for smooth DLT implementation in financial services.
In March 2019, it published a white paper outlining guiding principles for the post-trade processing of tokenized securities.
Back in 2018, a DTCC-led study found that DLT is scalable enough to support daily trade volumes of the United States equity market.
Thus, DTCC, itself has plans to re-platform its Trade Information Warehouse with DLT.