Audit conducted by internationally recognized audit services firm SGS, which attested that Crypto.com is operating at “Adaptive (Tier 4)“, the highest tier on the scale for both NIST frameworks.
Crypto.com today announced it has been rated “Adaptive (Tier 4)” – the highest level possible for the National Institute of Standards and Technology (NIST) Cybersecurity Framework and the latest NIST Privacy Framework, developed by the US Department of Commerce. After rigorous third-party audits, Crypto.com becomes the first cryptocurrency company in the world to be certified for ISO27001, ISO27701, PCI:DSS (Level 1) and achieve the highest maturity levels for the respective NIST frameworks.
The NIST Cybersecurity Framework, originally released in 2014, provides a framework of security guidance for how private sector organizations can develop, assess and improve their ability to identify, protect, detect, respond and recover from cyber attacks. The NIST Privacy Framework was launched in January 2020, and is used to strengthen privacy protections through enterprise risk management. With today’s ever-changing security and privacy landscape, key outcomes include:
- Building customers’ trust by supporting ethical decision-making in product and service design or deployment that optimizes beneficial uses of data while minimizing adverse consequences for individuals’ privacy and society as a whole;
- Fulfilling current compliance obligations, as well as future-proofing products and services to meet these obligations in a changing technological and policy environment; and
- Facilitating communication about security and privacy practices with individuals, business partners, assessors, and regulators.
Crypto.com was assessed against the core functions of Identify, Protect, Detect, Respond and Recover for the NIST Cybersecurity Framework, and Identify, Govern, Control, Communicate and Protect for the NIST Privacy Framework. Each of these functions was assessed based on the company’s overall maturity. With the four progressive implementation tiers of Partial (Tier 1), Risk Informed (Tier 2), Repeatable (Tier 3) and Adaptive (Tier 4), Crypto.com was independently assessed by internationally recognized audit services firm SGS, which attested that the company is operating at “Adaptive (Tier 4)”, the highest tier on the scale for both NIST frameworks.
Jason Lau, Chief Information Security Officer of Crypto.com said, “The NIST Cybersecurity and Privacy Framework audits add to our existing ISO 27001, ISO 27701 and PCI:DSS certifications and demonstrate our commitment to our company-wide cybersecurity and privacy strategy. With the NIST 'Adaptive' achievement - which examines our maturity and ability to adapt to the ever-changing cybersecurity and privacy landscape - and ISO's assessment of our policies, procedures and controls in place, we are once again the first crypto company to achieve some of the industry's highest security standards.
Kris Marszalek, Co-Founder and CEO of Crypto.com said, “Achieving the highest maturity level based on the NIST Frameworks speaks volumes to our commitment to security and privacy, which have been cornerstones of our business since day one. Having recently surpassed 5 million users, we will continue investing aggressively in technology and process that maintains the highest standards of security and privacy in the industry.”
Crypto.com was founded in 2016 on a simple belief: it's a basic human right for everyone to control their money, data and identity. With over 5 million users on its platform today, Crypto.com provides a powerful alternative to traditional financial services, turning its vision of "cryptocurrency in every wallet" into reality, one customer at a time. Crypto.com is built on a solid foundation of security, privacy and compliance and is the first cryptocurrency company in the world to have ISO/IEC 27001:2013, CCSS Level 3, ISO/IEC 27701:2019, PCI:DSS 3.2.1, Level 1 compliance, and independently assessed at Tier 4, the highest level for both NIST Cybersecurity and Privacy Frameworks. Crypto.com is headquartered in Hong Kong with a 600+ strong team. Find out more by visiting https://crypto.com.