Crypto.com Tightens Security, First CEX with ISO Certification

Hacks and data breaches have been one of the biggest concerns for crypto firms and investors. To address this issue, crypto firms are increasingly taking a tougher stance on security.

Most recently, Crypto.com has taken an important step that may set the standard for the industry. The Singapore-based exchange became the first digital asset platform to obtain ISO cloud security and privacy certifications. 

On Tuesday, the crypto exchange announced that it attained ISO 27017 for security in the cloud and ISO 27018 for privacy protection certification. The platform underwent an audit by SGS, an internationally-recognized certification authority. 

“Security and privacy continue to be a core focus for us, particularly as we scale our services globally through the use of cloud infrastructure,” said Jason Lau, Chief Information Security Officer at Crypto.com. “These most recent certifications are a testament to our industry leadership and continued commitment.”

ISO 27017 is a cloud-specific security standard that tackles information security controls related to cloud services. Put simply; it ensures that platforms adhere to standards that make cloud data breach less likely. On the other hand, ISO 27018 deals with broader privacy standards for cloud services. Specifically, it gives privacy-specific data for organizations that manage cloud data.

“Security and privacy are foundational pillars of our commitment to our 80 million users around the world,” said Kris Marszalek, CEO of Crypto.com. “We will continue to invest in ensuring the highest standards for safety, security, and privacy,” he added. 

The crypto space has long been at a relatively high risk of malicious attacks. In particular, frequent data breaches and hacks highlight the need for tighter security in the space. 

For instance, the NFT platform OpenSea suffered an email data breach in June 2022. According to the company, the data breach came through its email vendor. 

Trading apps and online banks are not immune from similar attacks. Trading app Robinhood suffered an email breach in Nov 2021. The hack revealed the email addresses of five million users. 

Moreover, the recent bankruptcy of the crypto exchange FTX revealed lax security practices. Since its bankruptcy, the exchange has reportedly lost $415 Million to hacks. This raises alarms about the security of centralized exchanges in the crypto space. 

The crypto space is still a digital Wild West. The risks of hacks and data breaches are still very real. Fortunately, Crypto.com’s decision could set standards for other firms, leading to more security.