Marc Krisjanous is a cyber security turned crypto auditor who has been working with the C4 cryptocurrency consortium to develop the new cryptocurrency auditor certification course (CCSSA).
Marc is presently undertaking the first ever audit of a business using the standard to assess their crypto security practices. In this conversation we talk about where the standards fit into a business, what they consist of, and touch on best practices both for businesses and for people getting into crypto.
Timestamps:
00:00 intro
00:44 background in credit card security
09:30 crypto security standard
13:16 attack vectors
16:11 profanity vanity generator
20:06 CCSS levels
24:41 the audit boundary
27:40 social engineering
29:35 practical takeaways for businesses
34:06 multi-party compute
36:39 security advice for newcomers
39:17 wen audit?
44:46 rapid fire
47:27 proof of reserves
51:36 fin
Acronyms
QSA – Qualified Security Assessor
PCI – Payment Card Industry
DSS – Data Security Standard
HSM – Hardware Security Module
CCSS – Cryptocurrency Security Standard
CCSSA – CCSS Auditor
C4 – Cryptocurrency Certification Consortium
SOC2 – System and Organization Controls standard
ISO27001 – Information Security Management standard
Some notes from the show:
Marc’s writing https://confide.co.nz/crypto-corner/
C4 https://cryptoconsortium.org/
CCSS https://cryptoconsortium.org/standards/
https://rekt.news/
Profanity hack https://blog.1inch.io/a-vulnerability-disclosed-in-profanity-an-ethereum-vanity-address-tool-68ed7455fc8c
EMP data storage https://www.cisa.gov/emp-gmd
Quadriga podcast: A Death in Cryptoland https://www.cbc.ca/listen/cbc-podcasts/904-a-death-in-cryptoland
MPC https://en.wikipedia.org/wiki/Secure_multi-party_computation
Sandbox https://www.sandbox.game/en/
Decentraland https://decentraland.org/
Celsius Mashinsky withdraws 10m in customer funds https://decrypt.co/111081/alex-mashinsky-withdrew-10m-%d1%81elsius-before-freezing-customer-accounts
Proof of reserves https://blog.chain.link/proof-of-reserves/
Contact Marc:
LinkedIn https://www.linkedin.com/in/marckrisjanous/
Find Jeff:
Twitter https://twitter.com/Japple
LinkedIn https://www.linkedin.com/in/jeffnijsse/
Find the BCNZ Pod:
Website https://podcast.blockchain.org.nz/
Apple https://podcasts.apple.com/us/podcast/the-blockchain-new-zealand-podcast/id1623533537
Google https://podcasts.google.com/feed/aHR0cHM6Ly9mZWVkLnBvZGJlYW4uY29tL2JjbnovZmVlZC54bWw
Spotify https://open.spotify.com/show/1BxGsdCsTp7EwERKF5Bm3x
iHeartRadio https://www.iheart.com/podcast/338-the-blockchain-new-zealand-96685118/
YouTube https://www.youtube.com/c/BlockchainNZ
Sponsor:
The Blockchain New Zealand podcast is brought to you by https://easycrypto.com/
Media & Sponsorship Enquiries:
Recorded at blockheight 757090. The BCNZ podcast was founded in 2022 by Jeff Nijsse and Bryan Ventura.