New players are constantly entering the world of cryptocurrencies, and most of them are aware of the need for increased security in the world of crypto. The understanding leads to an investment in various tools for the protection and monitoring of the wallets, but the big challenge is in professional monitoring and active protection over time – at this point, the various organizations are lacking capabilities and attention.
.
Many new players have entered the world of crypto in the last year – various financial institutions, money exchangers and brokers, market lenders, companies from the world of fintech, hedge funds, venture capital funds, commercial companies and various private entities. Various banks and financial trading entities have sprung up – and they all hold digital wallets, they all trade in different crypto-currencies with different characteristics and behaviors, and they are all in the process of moving into the future economy.
.
The dangers lurking for crypto market players are many, both internal and external. From cyber hacking and taking over wallets, cryptography key management of various wallets (hot wallets, cold wallets and hot storage), deviation of the organization’s wallets managers from policies and procedures set by the organization’s managers (whether accidentally or intentionally), fraud by other market players – exchanges or crooks. In addition, organizations are required for cyber security capabilities, secure backup, business continuity and attack and disaster recovery (DR) capabilities.
.
As if these dangers were not enough, the players in the crypto world must be aware and vigilant of local and international regulations and standards that change frequently. Laws and regulations in the world of international trade, in the world of the war on money laundering and terrorist financing (AML / CTF) and in the arena of cyber security. An organization that makes an effort and conducts itself “correctly” can find itself on the “wrong side of the fence” in Europe because of changing money laundering regulations, without even intending to do wrong.
.
Organizations that deal with crypto, must install advanced security systems in wallets, and adapt them to the specific activity of the organization. It is challenging for an organization to carry out a risk assessment and define for itself which security technologies fit him best – which manufacturer best suits its needs.
.
Organizations must set up highly skilled monitoring and control centers, which handle the organization’s internal activities, the organization’s activities throughout the crypto world, and must be updated 24 hours a day with “intelligence” alerts and changing regulations. This activity requires a high level of skill, expensive skilled employees – a resource always in shortage, and a lot of attention from managers. The serious organizations will also employ external companies from time to time, so that these will “attack” the organization in a proactive manner in order to discover weaknesses and vulnerabilities in the organization’s defense (pen-test).
.
In order to receive alerts from around the world about regulatory changes, intelligence alerts about new methods of attack, terrorist organizations and information circulating on the Internet about successful attacks – the organization must connect with dozens of international organizations that provide this information.
.
An organization that was attacked, entered a great vortex. Managers, employees and certainly finance and cyber managers. Incidence response capabilities, recovery and return to routine are required, and in most organizations the perception of “it will not happen to me” and “I invested a lot of money in security” leads to hysteria. In these times a professional and supportive body is required to accompany the company. And companies under pressure pay a lot more (!!!), so services companies are waiting for such opportunities.
.
In a conversation with Avi Yariv, one of the founders of i-AML: “Various companies, such as i-AML, provide organization, companies and individuals with these requirements in the best possible way. The company is active in various countries around the world, and supports both companies interested in establishing an internal center in the company for monitoring and controlling the world of crypto, AML and cyber, and remote management (MSSP) for companies interested in outsourcing this activity to reliable and quality outsiders. The service includes requirements analysis and adjustment of the right technology for the organization, installation of the selected system and establishment of the right policies for the organization, monitoring of all crypto activities with an emphasis on compliance with changing international regulations, and emerging intelligence-financial alerts around the world. In the event of an incident – the organization receives professional support and guidance until it returns to full activity. ”
.
Avi Yariv, I-AML Founder,
Cyber, Intelligence, Security and C4I
Chairman of the international InnoTech Conference,
For further details, contact Avi Yariv at [email protected]