Services directed to exchanges, coins/tokens, storage solutions, web applications, payment processors, marketplaces, wallets
Services directed to businesses, retail, and sellers
Services directed to sole proprietors, high-value individuals and private trusts
CryptoCurrency Security Standard (CCSS) is a set of requirements for all information systems that make use of cryptocurrencies, including exchanges, web applications, and cryptocurrency storage solutions. By standardizing the techniques and methodologies used by systems around the globe, end-users will be able to easily make educated decisions about which products and services to use and with which companies they wish to align.
CCSS is designed to complement existing information security standards (i.e. ISO 27001:2013) by introducing guidance for security best practices with respect to cryptocurrencies such as Bitcoin. CCSS is not designed to substitute or replace these standards; in fact, following the CCSS to the letter while ignoring standards like ISO 27001:2013 will likely lead to compromise.
So any systems that use or touch cryptocurrencies, including exchanges, web applications, wallets, marketplaces, payment processors, has a set of “best practices” security standards that the industry says should be followed.
The CryptoCurrency Certification Consortium (C4) established cryptocurrency standards that help ensure a balance of openness & privacy, security & usability, and trust & decentralization.
CCSS is a cryptocurrency standard that augments standard information security practices. As with any standard, knowledgeable and experienced security professionals and/or auditors are necessary when implementing any information system to ensure coverage of all classes of attack as well as the appropriate handling of all potential risks.
grenert.net works with exchanges, apps, processors to assist them in meeting Level I, II, or III of the Cryptocurrency Security Standards.
College Credentialed Instructor and published Security Author with over 20 years of classroom and training experience. Subjects include:
20 years experience in Information Security Consulting and Analysis
ISC2 Information Security Industry Professional Certification
ISACA Operational Risk Industry Professional Certification
Enterprise Information Security Management; Corporate Governance, Risk and Compliance (GRC); Third Party Risk
Information Systems and Technology, Financial Services, Foreign Exchange, Blockchain, International, Insurance, Healthcare, Legal, State Government
Arizona Department of Revenue
Arizona Health Care Cost Containment System (AHCCCS)