According to overseas media reports, Amber Group, the world‘s leading digital financial technology platform, recently announced that it has successfully obtained the assurance report of SOC 2 Type II on the company’s security system control. The assurance, independently audited by Deloitte, provides a thorough audit and assurance of the company’s security system controls, a milestone that further establishes Amber Group as a leader in the digital asset industry following the completion of Amber Group’s SOC 2 Type I certification earlier this year. One of the most secure and compliant organizations.
SOC 2 is an auditing standard developed by the American Institute of Certified Public Accountants (AICPA) to ensure that service providers meet a standard level of security controls in areas such as confidentiality, privacy, and risk management and monitoring The industry’s gold standard.
Obtained SOC 2 Type II certification
Completing the SOC 2 compliance certification also makes Amber Group one of the few institutions in the industry that can simultaneously meet the five data principles of SOC 2. These five principles include security, availability, confidentiality, processing integrity and privacy, and are the trust standards formulated by AICPA to verify whether an enterprise has a strict data security control system and strictly protects user privacy data. Most importantly, as part of the SOC 2 Type II attestation, the company has demonstrated compliance with internal controls for its security systems in practice, and the company has implemented over a longer period of time than SOC 2 Type I In-depth audit.
The attestation also confirmed the operability of the internal controls for the security system, Amber Group not only incorporated data security management into its management framework, but also implemented the most effective and relevant technologies to ensure data security at key business touchpoints, including data Classification, PII encryption and protection, separation of duties and terminal security management, etc. In addition, internal controls for security systems are also considered to be properly designed and managed to provide reasonable assurance that their service commitments and system requirements will be implemented in accordance with applicable trust service standards.
As such, this SOC 2 Type II compliance achievement underscores Amber Group’s enduring commitment to information security, continuing to ensure agency-level security controls to protect users.
NIST Cybersecurity Framework Assessment is Tier 4
As the industry refocuses on regulation and user protection, independent scrutiny of security controls has never been more important to the digital asset industry, exacerbated by the ever-evolving cybersecurity environment with a steady stream of security incidents and attacks.
In response to this growing complexity, Amber Group has voluntarily sought to test the strength of its cybersecurity program through an independent assessment guided by the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) Cybersecurity Framework.
Amber Group uses the NIST Cybersecurity Framework Test (the security industry’s recognized best management standard) to assess cyber maturity and has received the highest level of NIST Cybersecurity Framework, a Tier 4 rating, a result that demonstrates the company’s commitment to cybersecurity awareness and culture into its commitment to business operations. In addition, the assessment identifies potential cyber risks, which translate into actionable best practices that help strengthen a company’s cyber defense and detection capabilities.
Michael Wu, CEO of Amber Group, said: “At Amber Group, we are committed to being accountable to the highest security and compliance standards practiced in a highly regulated industry. We recognize that security and privacy are at the heart of users’ trust in digital assets, and we want to continue to provide Build trust with regulators. Based on a strong multi-layer security strategy, our team will continue to invest money and technology to develop a trusted platform for all users. Regular audits are our constant challenge to achieve industry security compliance An important part of the Gold Standard, we are proud to have completed leading industry assessments demonstrating the rigour of our programmes and systems.”