Below is a table of 2021 results that includes current score positions, position change, and the Exchange’s Cybersecurity Score (CSS) calculated by CER using the updated methodology.
100 Exchanges by Cybersecurity Score
| Top February 2021 | Exchange | Cybersecurity Score | Position Change |
|---|---|---|---|
| 1 | Binance US | 9,75 | + 5 |
| 7 | Bithumb Global | 8,36 | + 5 |
| 73 | Huobi Korea | 3,86 | + 1 |
| 100 | FTX US | 2,98 | + 5 |
For a more multi-faceted and balanced assessment, we decided to add ISO 27001 compliance and fund insurance to our metrics. These features indicate that clients’ funds are insured and show that security meets international standards.
We need to clarify that insurance must cover potential losses in the event of hacks. In addition, an exchange can only receive points for ISO 27001 if the audit was performed by a certified company authorized to perform such audits.
The new CSS results show that only 14 crypto exchanges (4.8%) out of 289 received a “good” cybersecurity rating of over 8 points.
Since the last methodology update, we have received well over 100 certification requests. The scores have changed significantly based on the revelations from our last research.
Compared to the last Top 100 research, the number of exchanges running bug bounty programs to improve their security has increased from 48 to 77 (+60%!). According to the cer.live methodology, we rate self-hosted bug bounty programs twice as high as those managed by third-party vendors. The reason is that only neutral third-party platforms can ensure the fair execution of the bug bounty program and there is a guarantee that the hacker will be rewarded for each identified vulnerability. In addition, third-party platforms engage more hackers in the bug bounty program, which leads to better cybersecurity results.
The percentage of bug bounty programs managed by third-party platforms has increased significantly since the early 2020s. Most bug bounty programs are hosted on the following platforms:
According to our data, 42 (14.5% of total) exchanges regularly conduct pentests with various cybersecurity companies. By the end of 2020, the number of pentest reports received had increased significantly.
This tells us that not only have crypto exchanges become more concerned and vocal about security, but they are finally starting to put their money where their mouth is.
According to the collected data, 8 crypto exchanges are certified as meeting ISO 27001 standards, and only 6 exchanges have an insurance fund for hack cases. Only the following 5 exchanges have both:
- Binance US
We should note that the ETH and BTC balances of each of these exchanges exceed $1 billion.
The research results show that attention to security is a growing trend among cryptocurrency exchanges. However, the overall security rating remains low. Fewer than 10% of the exchanges studied have a good (8 or higher) security rating.
After the methodology update, the ratings of most exchanges decreased, with the exception of 6 platforms. For example, only a very small number of exchanges with large customer bases received points for the features added to the cer.live methodology. The Ethereum and Bitcoin balances of these exchanges are well over $1 billion.