Security is an evolution that requires constant updates to address new threats. In the development of the commercial Internet, technologies like TLS/SSL were invented by businesses to address a market need. The best of these ideas emerged into standards and were embraced by leading web companies and harnessed by service providers to build security platforms like Verisign. The human and system processes for deploying these technologies also became certifiable standards that could be audited. Once standards were in place, the Internet ecosystem was able to thrive, and we experienced rapid growth in e-commerce and web-based innovation.

As we begin 2015, Bitcoin sits at a similar stage of development as the Internet in 1994. There is substantial merchant adoption, venture capital financing, and company creation. However, the security of Bitcoin remains fragmented and brittle because nearly every company in the industry is creating their own custom security models, and many are taking dangerous shortcuts.

The result of this inconsistent and immature approach to security has resulted in notable theft and loss, such as the collapse of leading Bitcoin exchange MtGox, and the recent ~19,000 BTC theft from BitStamp. These security breaches of course harm the employees, customers and shareholders of these companies, while the industry as a whole loses credibility with each new event. Although some companies are employing sophisticated technology and techniques to secure customer funds, other companies ignore the risks and operate without necessary protection of digital assets.

The security of digital and physical assets has been standardized in every financial industry around the world including banking, stocks, bonds, and commodities. In order for the cryptocurrency space to meet the security demands of customers, a common industry standard is required.

Through a collaboration between BitGo, Inc., a company committed to building high-security bitcoin platforms, and CryptoCurrency Certification Consortium (C4), a not-for-profit organization dedicated to the standardization of the cryptocurrency industry, the CryptoCurrency Security Standard (CCSS) was authored and published. Additional input was provided by Armory Enterprise Security.

This standard will be a catalyst for the next phase of growth for Bitcoin and cryptocurrencies. Companies that comply with the standard will instill more confidence in their customers, investors, and business partners. Traditional players like auditors and insurance carriers will see this standard as a pathway for them to engage in the industry, much like predecessors SAS70/SSAE-16 engendered a vibrant ecosystem for the Internet. The simple goal of this standard is to collect and define the current best practices and give Bitcoin organizations a bar to meet when holding digital assets for their customers.