CryptoCurrency Security Standard (CCSS) is a set of requirements for all information systems that make use of cryptocurrencies, including exchanges, web applications, and cryptocurrency storage solutions. By standardizing the techniques and methodologies used by systems around the globe, end-users will be able to easily make educated decisions about which products and services to use and with which companies they wish to align.
CCSS is designed to complement existing information security standards (i.e. ISO 27001:2013) by introducing guidance for security best practices with respect to cryptocurrencies such as Bitcoin. CCSS is not designed to substitute or replace these standards; in fact, following the CCSS to the letter while ignoring standards like ISO 27001:2013 will likely lead to compromise.
So any systems that use or touch cryptocurrencies, including exchanges, web applications, wallets, marketplaces, payment processors, has a set of “best practices” security standards that the industry says should be followed.
The CryptoCurrency Certification Consortium (C4) established cryptocurrency standards that help ensure a balance of openness & privacy, security & usability, and trust & decentralization.
CCSS is a cryptocurrency standard that augments standard information security practices. As with any standard, knowledgeable and experienced security professionals and/or auditors are necessary when implementing any information system to ensure coverage of all classes of attack as well as the appropriate handling of all potential risks.
A vCISO with grenert.net works with exchanges, apps, processors, and others to assist them in meeting Level I, II, or III of the C4 Cryptocurrency Security Standards.