CCSS

blockchain regulartory vasp ccss

CCSS as a Regulatory Tool: A Framework for VASP Cybersecurity Supervision

CCSS /

When a bank applies for a licence, regulators know exactly what to look for. Capital reserves, liquidity ratios, governance structures, AML programmes, credit risk management, operational resilience: decades of supervisory practice have produced detailed assessment methodologies for each of these areas. The examiner arrives with a well-defined list of evidence to collect. However, when a […]

CCSS as a Regulatory Tool: A Framework for VASP Cybersecurity Supervision Read More »

zero trust ccss environment

Applying Zero Trust Architecture to CCSS Trusted Environments

CCSS /

Zero Trust Architecture (ZTA) has gained significant traction across cybersecurity since NIST formalised the concept in SP 800-207 in 2020. The principle of “never trust, always verify” has been widely adopted in government, financial services, and critical infrastructure as a replacement for the traditional perimeter-based model, which extends implicit trust to anything within the network

Applying Zero Trust Architecture to CCSS Trusted Environments Read More »

cybersecurity

CCSS v9 Threat Modelling and Risk Management

Leave a Comment / CCSS /

Every virtual asset service provider (VASP), whether operating as a custodian, an exchange, or a wallet infrastructure provider, holds cryptographic key material that adversaries actively seek to compromise. The threat actors range from organised criminal groups and state-sponsored operatives to malicious insiders and supply chain intermediaries. Acknowledging that these threats exist is insufficient; what matters

CCSS v9 Threat Modelling and Risk Management Read More »