Friday, 28 October 2022

Digital - second to God - Omnipresent, Omnipotent, Omniscient !!!

Digital, Digital, Digital: if there is one word that is discussed most after God, it's digital.

It is omnipresent, omnipotent, omniscient. How?

There is no place in the global ecosystem where Digital is not being discussed (omnipresent). It's in the cloud (no pun intended).

There is no problem in the world for which Digital is not being considered a potential solution (omnipotent). It brings people, skills, and the ecosystem together.

And there is nothing that is hidden from digital; it knows everything through its data intelligence capabilities (omniscient). The ability to capture data from anywhere and draw intelligence out of it is only strengthening every day.

Despite this omnipresent, omnipotent, omniscient digital, why are businesses struggling to realize benefits from their digital programs? Let's talk about the challenges of going truly digital.

First, not knowing what digital is. Everyone from the CEO to ground staff needs to have a common understanding of digital. While technology helps us realize our digital visions, digital is not a technology; it is a way of working.

So, let's start with: what is digital? Well, let's see it in the context of analog vs digital signals. What do you see? Analog is complex, it has multiple attributes (frequency, magnitude, etc.), and it is not easy to integrate two analog devices. In contrast, digital is about simplicity, speed, and interoperability.

The analogy might seem too simplistic, but that's what digital is all about. Through digital, we strive to simplify problems, democratize solutions, and ultimately improve lives and livelihoods. Yes, that is the ultimate goal - to bring a change that benefits people and improves their lives.

With the context set, what are the genuine, practical challenges that are prohibiting us from achieving our digital goals?

  • Distracted by newer technologies, we forget the end-user.
  • Getting lost in the muddy water of the existing technical landscape
  • Driven by headlines, missing alignment with business outcomes

It is not only systems that are siloed but also talent. Technology experts can't or don't want to question business. Business experts can interrogate technology, but they don't understand it.

So essentially, while digital is everywhere, it is still esoteric, like God.



Thursday, 25 August 2022

Contextualizing Cyber Security tools and frameworks

After medical science, if any professional stream has the most acronyms, Cybersecurity would be it. Every acronym represents a concept, framework, or tool whose features overlap substantially with others. It is not always easy to see how these different solutions interact with each other.

While I may not know about all, let's contextualize a few of the most prominent ones which often find a place on CISO’s agenda.

If we could visualize all of them in a single frame, the picture may look something like this.


 Now, let's look at the different parts of this picture in brief.

Security of End Point

Endpoints are essentially devices used to access applications and services. They may include laptops, desktop computers, smartphones, tablets, IoT devices, and edge servers, among many others. Endpoint security focuses on securing these devices, along with cloud or on-prem resources, when they are connecting to the network and accessing or storing data.

Endpoint protection (EPP) is a legacy classification-based solution for threat detection. This solution can identify known threats by looking them up in a known-threat database (KTDB) and can take an automated action if a match is found.

Endpoint detection and response (EDR) is an evolution of EPP in the sense that it can also identify unknown sophisticated cyber threats.

XDR (also referred to as X-EDR) bridges the gaps left by EDR. It extends endpoint detection and response capabilities to networks, cloud services, and the entire threat surface.

As X-EDR is mostly machine surveillance, it may generate a lot of noise – duplicate alerts and false negatives. MDR brings in human experts and AI to take care of that.

MDR (also referred to as M-XDR) is a managed service provided by a third-party security provider that delivers the XDR solution, reducing the workload of enterprise security professionals. MDR is especially relevant when the organization doesn't have the skills or adequate bandwidth to provide holistic security coverage to its technology ecosystem.

If you are considering applying an XDR/MDR solution, your consideration set may start with these:


Security of SaaS

SSE and SASE – When Gartner coined these two terms in 2021, frankly, it took me a while to figure out what exactly Gartner was trying to cover that was not already covered in existing security frameworks.

So, what I understand now is – SSE (security service edge) is a security framework that brings together all solutions targeting the security needs of rapid cloud adoption, SaaS-centric IT, and a growing remote workforce.

While SSE facilitates secured access to websites, SaaS applications, and custom-developed applications hosted on the cloud, SASE (secure access service edge) extends the security to the wide area network (WAN) when the cloud resources are accessed not only from the public internet but also from private on-premise networks.

In a start-up ecosystem, where there is little to no on-premise infrastructure, SSE works perfectly in securing SaaS resources. However, for a large enterprise, SASE is required to enable secure access from private offices and the public internet.

Although I haven't mentioned Email Security explicitly in this section, it is one of the most important parts of an organization's IT security. In fact, it would be the first security solution you may start with, considering that emails are the first and foremost way of communicating within and outside an organization. So, just for completeness' sake, I am sharing here the most popular email security solutions:


 

Run-time security components (Enterprise Architect / CTO organization)

DDoS (distributed denial of service) is one of the most prominent patterns of security attacks. Most Content Delivery Network (CDN) service providers and hyperscalers provide a basic level of DDoS protection as a complimentary part of their services. Load balancers also play an important role in blocking DDoS attacks.

Once a user request passes through Edge or CDN Network, WAF (Web-application Firewall) provides a second line of defense. It is generally attached to CDNs and external Load-balancers. WAF provides critical protection mainly by creating a baseline of access parameters like URLs, cookies, and sessions; blocking external attacks defined by OWASP such as SQL injection, Cross-site scripting, etc.

Often, a Network Firewall is also placed before WAF to ensure Layer-4 attacks are prevented before the WAF gets into action to prevent layer-7 attacks. In fact, solutions like Next-gen firewalls (NGFW) combine the capabilities of WAFs and network firewalls into one, providing extra context to organizational security policies. 

NACL (network access control list) and Security Groups are software-defined security features that secure subnets and virtual machines. Cloud providers may have differently named components and ways to configure this layer. For example, while AWS has NACL and Security Groups as separate configurable resources, Azure has the capability of Network Security Groups (NSG). Google Cloud facilitates global network protection using a software-defined firewall as a service.

IDPS (IDS / IPS) aims at detecting all intrusions or attacks as they occur and preventing them. It is a gatekeeper that analyzes inbound and outbound network traffic for signs of known attackers. It sits in the perimeter before the firewall and can catch packets missed by a firewall. IDPS solutions can be virtual machine-based, host-based, network-based, or wireless, and they can also do Network Behavior Analysis.

If you have already implemented an IDPS solution, it's highly probable that it would be one of these:


IAM, or identity and access management, is the foundation of the IT security landscape. Driving the Least Privilege philosophy and codified policies, IAM leaves its imprint on all cyber security frameworks, including Security Service Edge (SSE).

While, within IAM, RBAC (Role-based access control) is the most popular framework, ABAC (Attribute-based access control) augments the security layer by providing a dynamic way to grant access based on specific attributes of the requester.
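The layering described above can be made concrete with a small authorization check. This is an added example, not code from the original post: the roles, permissions, attribute names and ABAC rules are all hypothetical, chosen only to show a role granting a permission and attributes then narrowing it.

```python
from dataclasses import dataclass

# RBAC layer: constructed role -> permission mapping (hypothetical names).
ROLE_PERMISSIONS = {
    "finance-analyst": {"ledger:read"},
    "finance-admin": {"ledger:read", "ledger:write"},
    "soc-analyst": {"alerts:read", "alerts:close"},
}


@dataclass
class Subject:
    user: str
    roles: set
    department: str
    mfa: bool              # did the session pass multi-factor authentication?
    device_managed: bool   # is the request coming from a managed device?


@dataclass
class Resource:
    name: str
    owner_department: str
    classification: str    # "internal" or "restricted"


def rbac_allows(subject, permission):
    """Static check: does any of the subject's roles carry the permission?"""
    return any(permission in ROLE_PERMISSIONS.get(role, set())
               for role in subject.roles)


# ABAC layer: (rule name, when the rule applies, condition that must hold).
# Each rule is evaluated per request against live attributes of the requester
# and the resource, which is what makes the decision dynamic.
ABAC_RULES = [
    ("same-department",
     lambda perm, res: True,
     lambda sub, res: sub.department == res.owner_department),
    ("mfa-for-write",
     lambda perm, res: perm.endswith(":write"),
     lambda sub, res: sub.mfa),
    ("managed-device-for-restricted",
     lambda perm, res: res.classification == "restricted",
     lambda sub, res: sub.device_managed),
]


def authorize(subject, permission, resource):
    """Deny by default: RBAC must grant, and every applicable ABAC rule must pass.

    Returns (allowed, reasons); reasons lists what blocked the request so the
    denial can be logged and audited.
    """
    if not rbac_allows(subject, permission):
        return False, ["rbac: no role grants " + permission]
    failed = ["abac: " + name
              for name, applies, check in ABAC_RULES
              if applies(permission, resource) and not check(subject, resource)]
    return (not failed), failed


if __name__ == "__main__":
    ledger = Resource("gl-2022", "finance", "restricted")
    alice = Subject("alice", {"finance-admin"}, "finance", mfa=True, device_managed=True)
    print(authorize(alice, "ledger:write", ledger))
    alice.device_managed = False   # same user and role, different context
    print(authorize(alice, "ledger:write", ledger))
```

The same user with the same role gets a different answer once a request attribute changes, which RBAC alone cannot express.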

Following the Shift-left approach to IT security, secured code review (SCR), static application security testing (SAST), and dynamic application security testing (DAST) jointly provide the first line of defense for your custom applications. If every line of code released to production has gone through this first line of defense, it will substantially reduce the security threat to the organization.


Security Operations (CISO’s organization)

Once the IT infrastructure and applications are up and running in production, the next step is to keep them secured through robust security operations. Although planning for security operations starts from the time a new technology component is being designed and developed, the real work starts when these newly developed components go to production. Solutions like SIEM and SOAR, and platforms like TIP, play a role in keeping the business technology landscape secure.

SIEM solutions are designed to ingest all the logs and telemetry data (users, applications, network, and other tech assets) into storage, and analyze them using event correlation and analytics to uncover a potential security incident. A SIEM can integrate with other security solutions to get data and share events. It is mainly an alert generation solution.

SOAR platforms extend SIEM capabilities by consuming alerts and orchestrating workflows to automate responses. As SIEM and other security solutions may produce more alerts than the SOC team can handle, SOAR helps the SOC teams respond to newer critical alerts quickly and efficiently.

TIPs aggregate security intelligence feeds (threats and suspicious activities) from vendors, analysts, and other sources across the globe. This data includes malicious IP addresses, domains, file hashes, etc.

TIPs derive actionable intelligence from this data and feed it into other security solutions such as EDR, SIEM, IDPS, and firewalls.
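How the three pieces hand off to each other is easier to see in code. The following is an added example, not part of the original article and not any vendor's implementation: the log format, the correlation rule, the indicator feed, the severity scale and the playbook actions are all constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample telemetry (documentation IP ranges, invented users).
SAMPLE_LOGS = """\
2022-08-25T10:00:01Z host=vpn01 event=login_failed user=alice src=203.0.113.7
2022-08-25T10:00:05Z host=vpn01 event=login_failed user=alice src=203.0.113.7
2022-08-25T10:00:09Z host=vpn01 event=login_failed user=alice src=203.0.113.7
2022-08-25T10:00:14Z host=vpn01 event=login_failed user=alice src=203.0.113.7
2022-08-25T10:00:20Z host=vpn01 event=login_ok user=alice src=203.0.113.7
2022-08-25T10:01:00Z host=mail01 event=login_failed user=bob src=198.51.100.23
2022-08-25T10:02:00Z host=mail01 event=login_failed user=carol src=192.0.2.50
2022-08-25T10:02:10Z host=mail01 event=login_failed user=carol src=192.0.2.50
2022-08-25T10:02:20Z host=mail01 event=login_failed user=carol src=192.0.2.50
2022-08-25T10:03:00Z host=mail01 event=login_ok user=bob src=198.51.100.23
""".splitlines()

# Constructed TIP feed: indicator -> context supplied by the intelligence source.
TIP_INDICATORS = {"203.0.113.7": "constructed feed: credential-stuffing source"}

SEVERITY = ["low", "medium", "high"]
PLAYBOOKS = {  # hypothetical response actions, one per severity
    "low": "open ticket for analyst review",
    "medium": "force password reset and notify the user",
    "high": "revoke sessions, reset credentials, page on-call",
}


def parse(line):
    """Turn 'timestamp key=value ...' into a dict with a datetime under 'ts'."""
    ts, *pairs = line.split()
    event = dict(pair.split("=", 1) for pair in pairs)
    event["ts"] = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ")
    return event


def siem_correlate(events, threshold=3, window=timedelta(minutes=5)):
    """SIEM step: correlate login events per source address.

    Fires 'brute_force' on every failure once `threshold` failures fall inside
    `window` (so it repeats, as real rules do), and 'success_after_failures'
    when a successful login follows such a burst from the same source.
    """
    recent = defaultdict(deque)          # src -> timestamps of recent failures
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        fails = recent[ev["src"]]
        while fails and ev["ts"] - fails[0] > window:
            fails.popleft()              # drop failures older than the window
        if ev["event"] == "login_failed":
            fails.append(ev["ts"])
            if len(fails) >= threshold:
                alerts.append({"rule": "brute_force", "src": ev["src"],
                               "user": ev["user"], "ts": ev["ts"]})
        elif ev["event"] == "login_ok" and len(fails) >= threshold:
            alerts.append({"rule": "success_after_failures", "src": ev["src"],
                           "user": ev["user"], "ts": ev["ts"]})
            fails.clear()
    return alerts


def soar_triage(alerts, indicators):
    """SOAR step: merge duplicate alerts, enrich from the TIP, pick a playbook."""
    cases = {}
    for alert in alerts:
        case = cases.setdefault((alert["rule"], alert["src"]), {
            "rule": alert["rule"], "src": alert["src"],
            "users": set(), "count": 0, "first_seen": alert["ts"]})
        case["count"] += 1
        case["users"].add(alert["user"])
    for case in cases.values():
        case["intel"] = indicators.get(case["src"])   # TIP enrichment
        score = (case["rule"] == "success_after_failures") + (case["intel"] is not None)
        case["severity"] = SEVERITY[score]
        case["action"] = PLAYBOOKS[case["severity"]]
    return sorted(cases.values(),
                  key=lambda c: SEVERITY.index(c["severity"]), reverse=True)


def run_pipeline(lines=SAMPLE_LOGS):
    raw = siem_correlate([parse(line) for line in lines])
    return raw, soar_triage(raw, TIP_INDICATORS)


if __name__ == "__main__":
    raw_alerts, cases = run_pipeline()
    print(len(raw_alerts), "raw alerts ->", len(cases), "cases")
    for c in cases:
        print(c["severity"], c["rule"], c["src"], "x%d" % c["count"], "->", c["action"])
```

On the sample data, four raw SIEM alerts collapse into three cases, and the one source that both matched the intelligence feed and ended in a successful login is ranked first.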

SOC, or Security Operations Centre, is a centralized function within an organization to monitor, prevent, detect, investigate, and respond to cyber threats to protect the organization’s technology and data assets such as IPs (intellectual properties), data, systems, and applications.

If you have made up your mind to implement a SIEM/SOAR solution, you may start from this list for evaluation:


Most of the time, organizations don't have either enough bandwidth or the skillset to set up a Security Operations Centre (SOC). In those situations, a managed security service provider (including a system integrator) may help set up and operationalize the SOC.

Also, as it could be overwhelming for any organization to evaluate every solution listed here, they must ask their SI partner to provide the best set of solutions aligned with business needs and the existing tech landscape.

I hope this article helped in your understanding of the overall security landscape and how different solutions help provide a layered security framework to business-critical information and processes.

Tuesday, 23 August 2022

Cloud Comparison - Part-3: Business Strategy - Get Set Go

All businesses formulate their strategies around their strengths and use partnerships and collaborations to bridge the gaps. The three cloud hyperscalers we are talking about – AWS, Azure, and GCP – also follow a similar approach.

Before we go into details about these three players, let me list the main segments of the cloud market.

The cloud market is divided into 3 sets of solutions:

1. IaaS (Storage, Compute, Network)

  • Public IaaS – This is the segment with ~$100B market and AWS commands around 55% of the market, followed by Microsoft (30%), Google (10%)
  • Private IaaS (On-premise) – This is a sub-segment within IaaS driven by clients' demand for hybrid cloud solutions. Overall market size is ~$25B led by Microsoft Azure Stack (33%), Google Cloud Anthos (25%), AWS Outposts (15%)
  • Overall IaaS market is led by AWS with more than half of the market share.

* Please note, that all numbers mentioned here are approximates and based on the reports published by Gartner and TBRi. The purpose is not to focus on actual numbers but to get an idea of cloud market fragmentation among three large players.

2. PaaS (Environments ready to deploy applications; very limited control on Storage, Compute, Network)

  • Public PaaS – This is the next segment with a size of $80B. Microsoft, with ~33% of the market, leads the pack. AWS commands ~16% and Google cloud ~10% of the market.
  • Private PaaS – With the PaaS solutions deployed on-premise, this segment gets ~$15B market, and Microsoft has a lead over others.
  • Overall the PaaS market is led by Microsoft with ~35% of the market. 

3. SaaS & COTS (On-prem as well as cloud solutions including ERP, CRM, Databases, BI, HR, and marketing solutions)

  • This is a highly fragmented segment with a size of ~200B. Here Microsoft has been a traditional leader for a long time. With its 365 and power platforms, Microsoft commands over 35% of the market. While SAP and Salesforce may claim second and third positions, AWS and GCP are not very big players in this segment.

So while AWS has a huge lead over others in IaaS, Microsoft is the leader in all other segments and is catching up fast in the rapidly commoditizing IaaS segment because of its end-to-end solution proposition.

If we look at their overall positioning, both AWS and Azure are positioning themselves as a one-stop shop for all of their clients' needs. Google Cloud has deliberately closed a few doors for itself to ensure it can focus on the things that matter most to its target set of customers.

Moreover, as the cloud is becoming synonymous with IaaS, what once used to be said about IBM, is now being said about AWS – No CIO is going to be fired for choosing AWS. AWS has become a default choice for the cloud, particularly IaaS, even more so when organizations don’t have a specific set of criteria to find the best platform for their needs.

Although all three are trying similar levers to grow, such as Cloud Migration Discounts, Partner Programs to promote channel sales, and Joint GTM with System Integrators, there are also nuanced differences in how they navigate through this fragmented market.

In the table above, I summarize key strategic aspects that have defined AWS, Azure, and GCP’s journey in terms of how they started their offerings, how they are building the landscape, and how they are growing their footprint in the global cloud market.




#CompareCloud #AWS #Azure #GCP #Digital #Cloud #Strategy

Tuesday, 16 August 2022

Emerging Techs Hype Curve 2022 - Web3 Foundation is underway, Metaverse will take a decade !!!

 

While most of the technologies on the hype curve are known and will mature in the time period Gartner mentions, I am interested in seeing how a few specific ones will take shape – Internal Talent Marketplace, Digital Human, and Minimum Viable Architecture. When these mature, we will witness faster and more decentralized business transformation through digital.


Nevertheless, what I find interesting is that while NFT, Decentralized Identity, Digital Twin, and Web3 may find their places in 2-10 years, Metaverse and Digital Human are still more than a decade away, and rightly so, because NFT, DI, Digital Twin, and Web3 will be the pillars of the Metaverse ecosystem.

Similarly, while cloud hyperscalers like Azure have been trying to lead with Industry Cloud Platform solutions, creating cloud data ecosystems for various industries will play a critical role in building those industry solutions. However, as I interact with hyperscalers and a few clients, I reckon that both cloud data ecosystems and industry solutions on the cloud will be part of mainstream business transformation by 2025-2027, instead of the 5-10 years that Gartner estimates.



Saturday, 6 August 2022

Cloud Comparison - Part-2: Management & Administration

In Part-1 we talked about the geographical coverage of the three largest hyperscalers (excl. Alibaba).

Here, in Part-2, let’s see how you can organize your cloud resources for better management and administration. In general, all three hyperscalers provide a hierarchical way to structure your cloud workloads. This structure covers 3 aspects:

  1. Centralized policy enforcement at an appropriate level
  2. Billing administration aligned with the organizational structure and strategy
  3. Reporting and monitoring of cloud resources driving accountability

Reflecting its organizational philosophy, Google Cloud’s structure is very simple and intuitive without losing the flexibility you may need to structure your cloud workloads.

Azure’s way of organizing cloud resources may seem a little confusing to beginners; however, its concept of “Resource Group” is extremely useful as it enables one-click administration of many of your cloud resources. Even though you may be able to achieve the same thing in GCP and AWS with other options, they are not as easy as the "Resource Group" is in Azure.

At the top level, both AWS and GCP provide a way to create an “Organization” that represents your real-world organization. Azure uses the Azure Active Directory (tenant) as a top-level entity.

For billing, all three provide a way to consolidate billing independently of how the workloads are structured across different sub-units. In AWS, a management billing account can be used to manage billing across multiple member accounts. In Azure, one billing account can be used to manage multiple subscriptions, which is the lowest level of billing separation in Azure. In Google Cloud, you may have multiple cloud billing accounts to group workloads in different projects.


For logical groups and a hierarchical structure, AWS provides “Organizational Unit (OU)” under “Organization”. You may govern multiple member accounts within an OU. Similarly, using Azure’s “Management Group”, we can create 5 levels of hierarchies under the Top-level management group. In this hierarchy, leaf nodes would be resource groups under specific subscriptions. 

In GCP, the structure is simple. Within the “Organization” node, we may have zero to many folders, and within that, we can have one-to-many projects which provide the lowest management and billing separation. Here, folders are optional, so, projects can be placed directly under the organization node.

At the lowest level of management boundary and billing separation, AWS uses “Member accounts” to organize all the cloud resources. In Azure, this feature is provided by “Subscriptions”. In GCP, “Projects” take care of the same capability.

For one-click resource administration, Azure provides a most helpful feature – “Resource Group”. In GCP and AWS, it can be achieved partially using Tags and Labels. In AWS, if the resources were created using CloudFormation, we can do one-click resource administration in CloudFormation as well.

The last one is Dynamic Grouping, which can help in cost allocation to different departments or cost heads for billing, in managing varying levels of security for different workloads, and in other monitoring needs. AWS tags, Azure tags, and GCP labels can be used for automating events and workflows, for management, and for Attribute-based Access Control (ABAC).

Overall, while Azure’s “Resource group” is a unique feature, all other features are comparable.

For more details, please see:

https://docs.aws.amazon.com/organizations/latest/userguide/orgs_getting-started_concepts.html

https://docs.microsoft.com/en-us/azure/cloud-adoption-framework/ready/azure-best-practices/organize-subscriptions

https://cloud.google.com/resource-manager/docs/cloud-platform-resource-hierarchy

#CompareCloud #Tip 2 #AWS #Azure #GCP #Digital #Cloud #Strategy

Saturday, 30 July 2022

Cloud Comparison - Part-1: Global Coverage

Cloud has been the most significant contribution of the technology industry to the decarbonized world. It has not only increased data processing power exponentially but also created platforms to reduce under-used technology hardware (most on-prem servers run at 50% utilization on average).

We may already know AWS is the leader in IaaS, while Azure is in PaaS. However, how do they stack up against each other in their overall coverage? Since I started looking at cloud solutions, I have wanted to do a comparative analysis of the three hyperscalers – AWS, Azure, and Google Cloud.

In this thread of posts, I’ll pick different aspects, one at a time, to compare these cloud providers. The first one is comparing them based on their Global Coverage.

#CompareCloud #AWS #Azure #GCP #Digital #Cloud #Strategy

Tip 1 Service Coverage


So, while AWS leads the way in terms of the number of services, Azure has the most data centers (Regions - zones) across countries. However, AWS still provides the best global coverage through its wider web of Edge locations/Points of Presence (POPs), through which AWS customers can connect with the AWS network using Direct Connect.

Also, though Google Cloud doesn’t have any data center in the Middle East or Africa, it is still serving the geography through its POPs, which customers can connect to through the Dedicated / Partner Interconnect service.




Note: Green highlighted ones are low-carbon data centers in Google Cloud.

Insight: If you have country-specific regulations to comply with, Azure might be better positioned to serve your needs, but if you have customers spread across almost all countries in 5 continents, AWS could be a better answer.
However, if you are only looking for great coverage in the Americas, Australasia (but not in the Middle East and Mainland China), and Europe at the lowest cost, GCP could be a great option when looking at the coverage only, keeping other aspects of cloud adoption aside. Also, Google Cloud doesn't offer any Sovereign Cloud for US government entities.

Saturday, 25 June 2022

What is a Digital Transformation Office (DTO) and What It Is Not?

A Digital Transformation Office (DTO) is the nerve center of an organization's transformation journey, enabling the alignment of digital initiatives with strategic business goals. The most common mistake organizations make is conflating the DTO with just a project management office (PMO) or limiting its scope to the IT department. Rather, it must be a multidisciplinary entity designed to steer digital transformation, taking cues from the Digital Strategy, focusing on innovation and strategy, and driving towards Digital ambitions.

The DTO's core mandate is to accelerate digital adoption, foster cross-functional collaboration, and ensure that digital initiatives deliver tangible business value. It must champion culture shifts, oversee technology integration, and align digital strategy to execution.

Success for a DTO is measured in the same way the success of digital strategy is measured. The KPIs may vary by the industry your organization belongs to, but the common ones could be:

  • Percentage of revenue from digital products/services/channels (if you are a for-profit organization).
  • Reduction in operational costs through digital solutions (if the focus of digital strategy is operational efficiency)
  • Time-to-market for new digital initiatives (if the focus of digital strategy is operational efficiency)
  • Customer experience improvements (if the focus of the digital strategy is organization sustainability and customer delight).
  • Employee digital skill enhancement metrics (if the focus of the digital strategy is operational efficiency OR organization sustainability)

Although who you make part of the DTO may also differ a lot across organizations, a typical Digital Transformation Office must have the capability to make decisions and prioritize initiatives, and typically includes roles like:

  • Chief Digital Officer (CDO): Leads the DTO, setting vision and strategy.
  • Enterprise Architect / CTO: Ensures conceptualized digital solutions are scalable and compatible with the tech and business capabilities of the organization.
  • Digital Program Managers / Transformation Leads: Manage key initiatives and digital programs, ensuring delivery within scope and budget.
  • Data Analyst/s: Provide actionable insights to guide decisions.
  • Finance Analyst: Values the financial costs and benefits of digital initiatives.
  • OCM Lead: Drives organizational change management and cultural adoption of digital solutions.
  • Partner Relationship Manager: Proactively aligns vendors, partners, and service providers with Digital Roadmap.
  • Business Analysts / Functional transformation Leads: Depending on the business functions focus of the Digital Strategy and Digital Transformation, analysts are borrowed to ensure the correct conceptualization of each initiative.

Now one last thing: although it may be obvious, it is important to understand that the DTO doesn’t operate in a silo. While it generally reports to the Digital Steering Committee, comprising the CEO/Head of the organization and other CXOs / Functional Heads, it drives execution through the Digital Factory, and innovation through Digital Centers of Excellence and Innovation Hubs.

Here, depending on the organizational size and business model, Digital Factories can be dedicated to individual business functions or take the form of a Global Digital Factory with some local hubs. Similarly, Digital Centers of Excellence (Digital COEs) can be the umbrella body of multiple COEs like Agile COE, Data/AI COE, Cloud COE, etc.

In addition, it continuously partners with all the business functions to ensure the benefits of the Digital Solutions are duly realized and reflected in organization performance.

So, in a nutshell, your Digital Transformation Office and its allies may take this form and structure:


By defining a clear structure, measurable KPIs, and a business-aligned mandate, the Digital Transformation Office acts as a critical catalyst to drive digital strategy to execution for sustainable digital transformation rather than merely an administrative function.

Friday, 1 April 2022

CBDC (Central Bank Digital Currency OR Control) – Fiat’s striving to ride the Blockchain Hype!!!



Let me start by making a few statements to ensure you know what we are going to talk about here.

  1. The concept of CBDCs is independent of Blockchain or DLT technology.
  2. CBDCs are not about financial inclusion or more efficient and faster payments, because there are better ways to achieve those objectives.
  3. Even if not acknowledged explicitly by CBDC proponents, CBDCs can easily be used for the suppression of opposing voices.
  4. CBDCs can’t replace non-sovereign cryptocurrencies without the sovereign banning the cryptocurrencies through law.

In the last 10 years, while cloud and AI have transformed the way business is done, blockchain has not been able to justify the hype it has been getting. Instead, despite being on the Hype curve for more than 5 years, the real business benefits of blockchain are still elusive to many.

However, it has given birth to many other concepts that have taken on a life of their own. The list started with cryptocurrencies and goes on to Digital Assets, Decentralized Autonomous Organizations (DAO), Non-fungible tokens (NFTs), and now the most fungible sovereign tokens, called CBDCs. I’ll leave Metaverse, another offspring of blockchain, out of this discussion for now.

While the concept of blockchain goes back to the late 90s, it came into prominence with bitcoin and Satoshi’s paper on a Fully decentralized mode of exchange. The purpose of blockchain has been to create an Immutable Decentralized Ledger no one party can control. Bitcoin is still following the same philosophy.

We concede that with industrialized bitcoin mining, only a few are controlling global mining. However, those few can be replaced any day by a few others who are willing to invest in the concept. We witnessed this transition in May 2021, when China banned bitcoin mining, and overnight more than a third of the bitcoin network moved from Asia to North America. And all that happened without any bitcoin holder facing liquidity impact. This is the power of non-sovereign currency and assets.

Just before I delve into CBDC, let me say this - I am not a proponent of absolute freedom because I not only believe in the rule of law but also that to keep the social fabric functioning, my freedom will have to negotiate with somebody else’s freedom.

In a modern economy, we already have digital money. These are debits and credits in our bank accounts, credit card accounts, and digital wallets. While this money is partially backed by liabilities of central banks, these are augmented by commercial banks through loans and mortgages. So, we can say that we already have a decentralized currency framework.

Even though the current sovereign monetary structure is governed by sovereign governments’ policy frameworks, there is still an arms-length distance between willingness to control and implementation of control. CBDCs overturn that arrangement completely, making it exactly the opposite of what blockchain represents. One may argue CBDCs will be more centralized and controlled than any of the major cryptocurrencies currently in circulation.

Now let’s elaborate on the three statements I made at the start of the article.

1. The concept of CBDCs is independent of Blockchain or DLT technology.

Even though claimed by the IMF research group as one of the motivations, I believe the CBDCs, at least in their current form, are opposite to what blockchain represents – decentralization.

Currently, as per the Atlantic Council’s CBDC tracker, there are 91 CBDC projects underway. They are in various stages of the project lifecycle. Among large countries, China, Russia, and Saudi Arabia have already launched their pilots, while others like Canada, India, and Australia have started development.

Although around 18 of these claim to be based on Blockchain, almost all are controlled by the central bank of that country. Therefore, they may not benefit from the Blockchain or DLT technology. However, if all central banks can find a way to link all these CBDCs to reinvent international payment settlement, it could be the best use of the power of blockchain. The recently launched ‘Project Dunbar’ is an effort in that direction.

For now, CBDC development around the globe has its genesis in a fear psychosis - FOMO (fear of missing out) against cryptocurrencies and fear of China’s rapid progress on various economic and geopolitical fronts. We are in a world where if China does something – the rest of the world would think either it must be good OR it is being done to hurt them.

Without digressing any more – CBDCs on blockchain make sense only when non-central bank parties have a say on the token creation and its circulation, which I don’t reckon most central banks will allow.

2. CBDCs are not about financial inclusion or more efficient and faster payments, because there are better ways to do that.

It has been cited multiple times that CBDCs will expedite financial inclusion. Nothing is farther from the truth. Many economic surveys have underlined that a large population that is not part of the organized financial sector is only because of two reasons.

The first reason is that people, don’t have access to banks because they live in remote, inaccessible areas of the country. This is mostly a problem in developing or under-developed countries, where serving remote parts is not financially viable for private organizations, while the government itself doesn’t have adequate resources to fill the gaps.

However, countries like Kenya (M-Pesa) and India (Jan Dhan) have demonstrated how to circumvent this challenge. Leading by example, these countries have shown that the problem of access to banking can be solved just by the sovereign’s willpower. Just 5 years old, India’s Jan Dhan (Public money) initiative has brought millions into the banking sector in a very short period. The government of India demonstrated willpower by incentivizing (and penalizing) public and private sector banks to achieve its objectives. And even before India’s Jan Dhan, Kenya’s M-Pesa made a diligent effort toward financial inclusion. It was an innovative way of driving financial inclusion by using the technology infrastructure of mobile telephony.

The second reason behind the under-penetrated financial sector is that a few people choose not to be part of the organized financial sector because they don’t trust banks or governments with their money. This is mostly a problem in the developed world, which has a greater freedom index. For this reason, non-sovereign cryptocurrencies are gaining popularity.

CBDCs don’t solve either of these problems because of their practical limitations.

Just assume you own a few CBDC coins. The only way to access and spend them is to get a digital wallet either with the central bank OR with a commercial bank. Mostly it would be with a central bank; otherwise, it is no different from the current monetary framework. By becoming a central bank’s client, a citizen can easily be put under surveillance at any time by one central organization, eliminating the individual’s financial freedom.

Moreover, if you are in a remote location with limited or no network coverage, you can’t access your money. So financial inclusion fails here. In fact, as of today, no form of digital money supports offline transactions, and that is why cash is still prevalent.

3. Even if not acknowledged explicitly by CBDC proponents, CBDCs can easily be used for the suppression of opposing voices.

Now, look at an aspect of CBDCs that is the most talked about by CBDC opponents but sugar-coated by CBDC proponents as “transmission of monetary policy”.

Assume you live in a country with a non-democratic governance structure and have spoken against a government policy. You have all your liquid money in the form of CBDCs. It would take the government minutes to ensure you are taught a lesson.

You don’t need to imagine it. Many governments around the world are already using whatever financial tools they have to suppress critics. CBDCs will just be another weapon in their armory.

4. CBDCs can’t even replace non-sovereign cryptocurrencies without the sovereign banning cryptocurrencies

Now we come to the last point: CBDC adoption. Nobody who is a proponent of non-sovereign cryptocurrency will choose a CBDC, because they either preferred crypto over sovereign currency to regain their financial freedom OR over traditional assets to speculate on its value. CBDCs will provide none of that. So, the only way for governments to replace cryptocurrencies with CBDCs is to make it criminal to own cryptocurrency. Whether many governments can do that is yet to be seen.

Moreover, if one has a global asset like bitcoin or ether (in this context they may not behave like a currency until they have more acceptability) that one can carry anywhere in the world in one’s memory, there is no reason one would choose a CBDC as a store of value. This is the reason why bitcoin is finding acceptance in war-torn countries like Ukraine.

So, in a nutshell, with very few benefits, CBDCs may result in the further concentration of financial control with one entity, the government, which already has full control of the law-and-order machinery. Even though there are a few use cases of CBDCs that can benefit society, the same benefits can be realized through ways that are much simpler, less costly, and much easier to implement.

---------------------------------------------------------------------------------------

Just so you know, I am not a crypto maximalist, but for sure a CBDC minimalist. I will change my opinion when I have supporting data.
