Crypto Security & Compliance: What it is & Why you Need it

Alex Wykoff
  • 7 min read

Last year, $3.8 billion worth of cryptocurrency was stolen from various services, making 2022 the biggest year ever, according to a report from Chainalysis. Crypto risks seem to be consistent with overall cybersecurity risks: higher than they’ve ever been, and lower than they ever will be. So, we’re taking a look at that risk landscape and explaining the role of a security and compliance program in navigating it.

The Crypto Risk Landscape

Unfortunately, there’s no shortage of news about crypto fraud and theft. On March 6, the SEC shut down Miami investment adviser BKCoin for orchestrating a $100 Million crypto fraud scheme. In June 2022, Bored Ape Yacht Club lost $360,000 worth of NFTs in a phishing attack. And in February 2022, Check Point Research (CPR) found six phony anti-virus apps on the Google Play store with over 15,000 total downloads. The apps were spreading malware dubbed “Sharkbot” which steals credentials and banking information.

In future blogs, we’ll dive deeper into the most common attacks on crypto wallets

Lack of Knowledge = Opportunity for Thieves

Businesses and consumers are increasingly purchasing cryptocurrency assets and accepting crypto payments. Unfortunately, many lack a clear guide on how to manage cryptocurrency within an organization and keep their assets safe. This ack of knowledge provides an opportunity for thieves, much like the early internet days when people forwarded “chain” emails in hopes of receiving money from Bill Gates.

No Undo Button

Control + Z is one of my favorite keyboard shortcuts. It’s wonderfully convenient. But on the blockchain, there is no such thing as refund or clawback. Once funds are spent, they’re spent.

Additionally, with the technology being new, even seasoned professionals may lack the required knowledge. For example, just last month, a Hong Kong fashion executive thought she was adopting a kitten from Thailand and lost $764,000 in a Bitcoin scam.

This inexperience combined with the inability to “undo” transactions make for a treacherous landscape indeed. With no option to hold assets in escrow, prevention is everything.

The Downside of Decentralization

Web3, by nature, is decentralized, enabling community members to participate democratically, and even to own a piece of the internet. Community tokens can be used not just for commerce, but also to participate in the voting process for Decentralized Autonomous Organizations (DAO).

However, decentralization can be a disadvantage when it comes to security. There are numerous standards established for securing technology infrastructure, such as the Payment Card Industry Data Security Standard (PCI DSS) and the Cloud Native Security Whitepaper. However, no such entity currently exists for web3 and crypto. Cryptocurrency lacks both a governing body as well as a central promotional organization.

Without that centralized, trustworthy authority, there’s no consensus on best practices. Although yes, credible experts do exist, and we here at Wursta are among them!
Even when there are standards to rely on, organizations must still make ongoing, concerted efforts to reduce risk. Lack of standards brings an extra layer of risk to accepting, owning, or implementing crypto.

Bring Structure & Security to Your Crypto Process, Delivering Confidence

OK, enough doom and gloom! It’s entirely possible to substantially increase security and decrease your risk by bringing structure to your crypto management processes- which is precisely what Wursta’s Cryptocurrency Security & Compliance Program (CSCP) does.

Along with comprehensive training services, Wursta provides a framework of clear, concise guidance to safely manage and protect your cryptocurrency assets. With a risk-based, layered approach, Wursta’s CSCP helps you achieve peace of mind that your assets are logically housed and protected.

This is just a blog-length overview of crypto security and compliance. Join us for an upcoming webinar where we’ll share more detail or contact us to discuss how we can help your organization.