Crypto.com Maintains Highest Tier
for NIST Cybersecurity Framework
and Privacy Framework

Commitment to Security and Compliance Remains
Central to Crypto.com Growth Strategy

Singapore, September 9, 2022 – Crypto.com, the world’s fastest growing cryptocurrency platform, today announced that it has successfully renewed the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) and Privacy Framework (PF) assessments as audited by SGS, an internationally-recognized certification authority.

SGS attested that Crypto.com is operating at the highest maturity level – “Adaptive (Tier 4)” in both NIST CSF and PF certifications, which goes beyond the standard industry averages. This renewal follows SGS’ initial NIST CSF and PF certifications for Crypto.com in November 2020.

The NIST CSF, developed by the US Department of Commerce, provides comprehensive guidance and best practices that private sector organizations can follow to improve information security and cybersecurity risk management, while the NIST PF is for strengthening privacy protection through risk management perspective and it helps companies protect individuals’ privacy. Today, the NIST CSF and PF are currently two of the most widely adopted security maturity frameworks across all industries.

Crypto.com was assessed against the 5 core functions of the NIST frameworks which are Identify, Protect, Detect, Respond and Recover for CSF. For PF, it consists of functions of Identify, Govern, Control, Communicate and Protect. To measure the company’s progress towards implementing the NIST frameworks, the frameworks identifies 4 implementation tiers (from lowest to highest in tiers) as tiers of Partial (Tier 1), Risk Informed (Tier 2), Repeatable (Tier 3) and Adaptive (Tier 4). SGS attested Crypto.com’s security capabilities with the highest tier “Adaptive (Tier 4)” on the scale for both NIST frameworks.

Crypto.com has obtained a wide range of security compliance certifications. Crypto.com is the first virtual asset exchange company in the world to be certified with ISO/IEC 27701:2019, ISO27001:2013, ISO22301:2019, PCI:DSS 3.2.1, Level 1 compliance, Service Organization Control (SOC) 2 Type 2, and to achieve the highest maturity levels for NIST CSF and PF.

“Being the first in our industry to originally achieve this recognition in 2020 was no easy task, but continuing to prove this resolve against the ever-changing threat landscape requires total commitment,” said Jason Lau, Chief Information Security Officer of Crypto.com. “Privacy and security remains a top priority and we will continue to invest in the expertise and resources to ensure best practices and safeguard Crypto.com.”

“Security for our customers has been a key focus since day one,” said Kris Marszalek, CEO of Crypto.com “I am tremendously proud of our team working every day to protect our customers, and the leadership of Crypto.com across our industry with these latest certifications.”

This renewed assessment is the latest example of Crypto.com’s commitment to security and compliance. Additionally, Crypto.com has recently received in-principle approval for a Major Payment Institution License from the Monetary Authority of Singapore, registration approval as a cryptoasset business from the UK Financial Conduct Authority (FCA), provisional approval of its Virtual Asset License from the Dubai Virtual Assets Regulatory Authority, Electronic Financial Transaction Act and Virtual Asset Service Provider registration in South Korea, registration in Italy from the Organismo Agenti e Mediatori (OAM), registration in Greece from the Hellenic Capital Market Commission, registration in Cyprus from the Securities and Exchange Commission, regulatory approval from the Cayman Islands Monetary Authority, and a pre-registration undertaking with the Ontario Securities Administration in Canada.

privacy security
Share with Friends: