On Friday, March 13, the CryptoCurrency Certification Consortium (C4) announced that Andreas M. Antonopoulos, Mike Belshe of BitGo, Eric Lombrozo of Ciphrex, Joshua McDougall and Michael Perklin of C4, Sean Neville of Circle and John Velissarios of Armory Enterprise have agreed to form the steering committee for C4’s CryptoCurrency Security Standard (CCSS).
The mission of the steering committee is to “ensure the CCSS remains up-to-date, neutral and relevant in establishing security standards in the fast changing world of cryptocurrencies.”
John Velissarios, co-founder and CISO of Armory, commented on the newly formed steering committee., “Keep in mind, the wider security world in financial services, telecoms and public sector have been solving similar problems for many years and the experiences gained in these industries are equally, if not even more applicable to the problems facing cryptocurrency companies. The CCSS, supported by C4 Steering Committee members, has a mix of skills, that together provide very wide and deep coverage and I’m confident we can tackle all the challenges that will come our way.
In the same post on its website blog, C4 issued an open invitation to the community to contribute to the CCSS.
What is the CCSS?
The CryptoCurrency Security Standard is an open standard repository for a set of requirements for any information system that utilizes cryptocurrencies. It’s mission is to enable people and companies using cryptocurrencies employ best practices that will protect them from security attacks and minimize risk.
“CCSS is a set of guidelines to help two sets of people,” says Michael Perklin, President of C4. “Newcomers find it immensely valuable because it pulls all of the things you need to do into a single checklist. It makes it easier for them to benefit from the experience/knowledge of the many peers that came before them.”
“Established services will benefit from it when the standard is ratified in Q4 2015 by being able to post completed assessments against the standard so their customers know without a doubt that they are a Level I, II, or III system.”
“Bitcoin started out as an experiment,” says Eric Lombrozo, co-CEO & CTO of Ciphrex. “Initially, the most significant concerns were pertaining to the protocol and the ability for the network to achieve consensus, not scaling it to manage accounts worth millions or hundreds of millions of dollars. Moreover, Bitcoin was from the start a disruptive concept for the existing financial industry – as such, not many early Bitcoiners had had much experience in existing financial security practices.”
A Call for Collaboration
Both Lombrozo and Perklin emphasize the importance of community involvement in the development of the CCSS. “CCSS is a collaborative effort,” says Perklin. “ It’s not some decree written by a centralized committee that the world must follow.”
Velissarios agrees. “The wider community can bring a multidisciplinary approach to the crypto currency world and bring decades of experience, which will be immensely helpful to crypto currency startups.”
“I’ve been working on enterprise security software for nearly 20 years,” says Lombrozo of his own involvement in CCSS. “While cryptocurrencies bring many additional challenges to security, many basic concepts carry over from earlier projects. I hope to bring some of that experience into this space.”
Anyone with an interest in cryptocurrencies is encouraged to participate in the project. The post lays out a number of ways that people can contribute.
“While security experts have an obvious avenue for contributing, the standard also needs help from graphic designers, language translators, and proofreaders too, just to name a few.
Access to the project can be found on its Github repository as well as via the C4 Slack site #ccss-discussion channel. Interested participants can join the channel by emailing a request.
Image via Freepik
March 14, 2015 at 03:43PM
