To expand the protection of the Finoa crypto platform, we are partnering with one of the most experienced security-as-a-service providers in Europe, Myra Security.

Through the partnership, Finoa's web applications will benefit from protection against Distributed-Denial-of-Service attacks (DDoS) and malicious manipulation attempts. This will give Finoa's customers the highest security assurances available, protecting their assets from unauthorized access, sabotage, and manipulation.

Banks are 300 times more likely to be attacked than other companies. Myra is a certified provider specializing in IT security for the highly regulated finance industry.Ingo Lalla, Vice President Myra Security

Myra is a multi-certified security services company based in Germany and meets Finoa's regulatory requirements as a specialized provider for highly regulated sectors. The company has the extensive industry expertise and already offers cybersecurity protection to notable banks and critical infrastructures, in addition to the German government and the Munich Security Conference.

Raising the bar for institutional crypto security 

Crypto assets are prime targets for cybercriminals, making crypto custodians like Finoa a potentially lucrative target for malicious actors. Warm storage technology for the custody and management of crypto assets requires the highest level of IT security and data protection. 

In securing its crypto platform, Finoa relies on a holistic protection concept. Myra protects the platform's services against DDoS attacks and provides protection against malicious requests, automated attacks, sabotage, or manipulation attempts through the Myra Hyperscale WAF (Web Application Firewall) and Deep Bot Management.

How the partnership meets strict compliance standards 

The security-as-a-service solutions Finoa obtains from Myra qualify as “material outsourcing of activities and processes” according to the German Financial Supervisory Authority (BaFin), meaning there are strict regulatory requirements associated with it. Such IT outsourcing must meet the requirements of BAIT (Supervisory Requirements for IT in Financial Institutions), MaRisk (Minimum Requirements for Risk Management), and FISG (Financial Market Integrity Strengthening Act), for example. 

In many cases, the legislator and BaFin specify tangible measures for the technical and procedural organization of IT systems, information security requirements, emergency concepts, outsourcing contracts, and exit management. These affect both Finoa itself and Myra as an affiliated service provider. Extensive certifications and continuous audits enable Myra to meet these technical and procedural requirements. Myra also supports its partners with legally approved contracts to remove administrative hurdles in advance – saving resources for both parties and ensuring rapid deployment of the required security services.

In Myra, we found a service provider that has the necessary technical expertise to secure our platform and that actively supports us in compliance matters. This helps us tremendously in complying with increasingly stringent regulatory requirements.Michael Heinks, Chief Risk & Compliance Officer at Finoa