Cryptix Group became the first company in the EU and Switzerland with a CryptoCurrency Security Standard (CCSS) auditor on staff when its Chief Information Security Officer and Data Protection Officer Alexandre Horvath earned his CCSS certification from the CryptoCurrency Certification Consortium (C4) last month.
Being the first company in the EU and Switzerland with a certified CCSS auditor is a win for Cryptix and its clients. This certification – and the know-how that comes with it – will allow companies to further safeguard their clients’ digital assets.
But what exactly is CCSS certification? More importantly, how can it help clients – like you – protect their digital assets?
CCSS in brief
CCSS is a standard set of requirements for securing cryptocurrency systems including exchanges, web applications, and cryptocurrency storage systems. CCSS certification is intended to complement, not replace, existing information security standards (such as ISO 27001:2022) by introducing guidance for security best practices for cryptocurrencies such as Bitcoin and others.
CCSS standards required for certification include mastery of secure key / seed generation and policy (and what to do when those assets may have been compromised); plus, wallet creation and key storage; security tests and audits; data sanitization and more. Professional responsibility and ethics are also emphasized. (See full standard list here: Details: CryptoCurrency Certification Consortium (C4).
CCSS auditing certifies individual systems – certified at CCSS Level 1, 2 or 3 – and are classified in one of three distinct buckets, including:
- Self-Custody: A system with sole control of the private keys that control that entity’s own funds but have no control over customer funds.
- CCSS Qualified Service Provider (QSP): A system meeting only the requirements it has the ability to control, and which are part of the services it provides.
- CCSS Full System: one meeting all applicable requirements
The CryptoCurrency Certification Consortium (C4) is a non-profit organization that provides certification to professions performing cryptocurrency related services. Citing trust in “a trustless technology,” C4 established standards balancing openness, privacy, and security. More about C4: CryptoCurrency Certification Consortium (C4).
Certified auditors can help clients ensure that systems are compliant with best practices and resistant against all classes of cyberattack and other potential risks. Having the EU’s and Switzerland’s first certified auditor makes Cryptix is uniquely placed to help its clients with their IT, cybersecurity, and data protection needs. We’re proud to offer our clients this level of expertise and – and proud of our teammate for making it happen. Congratulations, Alexandre!