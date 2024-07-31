BitGo Signs the Cybersecurity and Infrastructure Security Agency (CISA)

July 2024 by Marc Jacob

BitGo becomes the first crypto company to sign the Cybersecurity and Infrastructure Security Agency (CISA) Pledge to promote collective action to enhance cybersecurity resilience across various sectors. Signing the CISA pledge necessitates meeting the following requirements:

Increasing the use of multi-factor authentication (MFA).

Decreasing the use of default passwords.

Reducing the "prevalence of one or more vulnerability classes across the manufacturer’s products."

Increasing the installation of security patches by customers.

Publishing vulnerability disclosure policies that authorize testing by customers and provide a "clear channel" to report vulnerabilities, as well as publicly disclose them "in line with coordinated vulnerability disclosure best practices and international standards."

Reporting accurate "Common Weakness Enumeration (CWE) and Common Platform Enumeration (CPE) fields in every Common Vulnerabilities and Exposures (CVE) record for the manufacturer’s products."

Increasing the "ability for customers to gather evidence of cybersecurity intrusions affecting the manufacturer’s products."

As the leaders in this space on secure custody solutions, we already incorporate CISA’s best practices and more. By signing the pledge, we aim to be an example for the digital asset industry and to promote the highest security standards across this vertical.

BitGo already goes above and beyond these security minimums and is signing the pledge to set an example for the digital asset industry and encourage other companies in this vertical to sign the pledge in a commitment to enhanced security standards.

Richard Reinders, CISO at BitGo, shared, "We applaud CISA for establishing standards for best security practices. As the leaders in this space on secure custody solutions, we already incorporate CISA’s best practices and more. By signing the pledge, we aim to be an example for the digital asset industry and to promote the highest security standards across this vertical."

BitGo has partnered with Bugcrowd to continue BitGo’s bug bounty program.

Since 2013, BitGo products have been anchored in the utmost reliable security and technology. We are committed to this mission and continue to lead by our best practices.