The Challenge
The client was embarking on a multi-year program to expand its traditional custodian services to support crypto assets such as Bitcoin and Ethereum. Supporting these new asset classes introduced several novel cybersecurity, regulatory and operational challenges that fell beyond the traditional capabilities of the bank.
The client needed support to design a secure solutions architecture to store and manage its customers' private keys, and to thoroughly socialize that solution across the organization to secure alignment and buy-in across product, cybersecurity and the three lines of defense.
Project Description
Further Advisory provided technical architecture and program management support in the design and socialization of the Digital Custody platform. The 7-month initiative involved a deep understanding and documentation of current encryption and cybersecurity best practices, effective product management across globally distributed teams and outside vendors, as well as communication and consensus building to address the concerns of Audit and Enterprise Risk Management within the solution design.
Outcomes Delivered
- Key Management Overview. Developed an overview describing how the AWS Key Management Service will be used to secure cryptographic keys for the bank’s digital custody solution, including a comparison of market alternatives.
- Digital Custody End-to-End Encryption Process. Documented process flows depicting the end-to-end security of digital wallets, with an in-depth review of the cryptographic tools used to secure them, including multi-party computation (MPC) and Envelope Encryption via the AWS Key Management Service (KMS).
- Digital Custody Logical and Physical Solution Architecture. Developed a visual representation of the components of the Digital Custody Platform, including connectivity with internal systems, third-party services and blockchains.
- Non-functional Requirement Specifications. Developed a list of security requirements derived from a cyber threat vector analysis and facilitated workshops with vendor partners to define plans to address each within the application design.
- Program Management Support. Facilitated the development of a comprehensive plan for the implementation of the cybersecurity elements of the digital custody program, including stakeholder communication, executive status reporting, and risk management.