On January 30, Nexo, a digital assets institution, achieved affirmation of its security and privacy protocols by attaining the ISO 27017 and ISO 27018 certifications, per the information shared with Finbold.

This builds upon the established foundation of ISO 27001 standards within the organization. Awarded by RINA—a multinational inspection, certification, and engineering consulting company renowned for its standards—reflects a dedication to safeguarding client data, bolstering cloud security, and upholding privacy standards in the contemporary digital landscape.

The importance of implementing robust security measures has become increasingly apparent. In 2023, despite a 50% reduction in losses attributed to security incidents within the cryptocurrency sector, the total still amounted to $1.7 billion. This figure underscores the significance of Nexo’s adherence to security standards.

The collaborative impact of ISO 27001, ISO 27017, and ISO 27018

Acknowledged for its Information Security Management Systems (ISMS), Nexo has been compliant with ISO 27001 since 2019 and augmented its credentials to encompass ISO 27017 and ISO 27018.

Nexo’s security commitment is evident through its ISO 27001 certification, emphasizing a security-focused approach. ISO 27017 extends these principles to the cloud, aligning with the crypto ecosystem’s prevalent use. ISO 27018 reinforces Nexo’s dedication to privacy, emphasizing explicit consent, data minimization, and rigorous third-party management for personally identifiable information in the cloud.

Nexo’s Chief Security Officer, Milan Velev, said:

“Nexo’s integration of ISO standards for information security and privacy signifies a major step forward in our journey to set new benchmarks in digital finance, we are not just complying with international standards; we are leading by example, prioritizing our clients’ security and privacy in every aspect of our operations.”

Kalin Panev, Country Manager of RINA, added:

“We are pleased to certify Nexo with the ISO 27017 and ISO 27018 standards. This partnership underlines RINA’s commitment to promoting advanced security measures and data protection in the innovative financial technology sector.”

Nexo’s acquisition of the ISO 27017 and ISO 27018 certifications further reinforces the company’s enduring dedication to maintaining the highest standards in security and privacy. This commitment is augmented by the SOC 2 Type 2 audit and the attainment of the CSA Security, Trust & Assurance Registry (STAR) Level 1 Certification.

Rather than viewing these accomplishments as final destinations, Nexo perceives them as pivotal steps in an ongoing journey toward establishing benchmarks in security and transparency within the digital assets space.