“Many institutions rely on external technology providers and simply take their word for it when it comes to security”–Paul Ebeling
Consider the number of cryptocurrency exchanges and other DeFi marketplaces that have seen exploitations and breaches. Many exchanges and marketplaces are more interested in the business of garnering new customers than keeping user assets safe.
As a consequence, they utilize technology that is no match for the skill set of today’s hackers. Many times they are not rich in technological knowledge. Even CTOs are without extensive experience in preventing sophisticated cyberattacks. Often, they outsource their entire security apparatus, relying entirely on the claims of external providers and vendors.
The mistake is not in utilizing outside vendors. In fact, finding a provider that has more significant experience in building the technology infrastructure required for your business is often an excellent idea.
The mistake is in trusting a provider without verifying the quality of their work. It is not enough for a vendor to say that they offer industry-standard encryption services.
There is nothing more important to a digital asset exchange’s long-term success than its ability to keep those assets safe. It is incumbent on the operator of an exchange to ensure that they are prudently spending their cybersecurity funds. Any company that collects personal information or financial data has a duty to be a good steward of the trust they have been given.
We as a society must hit the reset button on cybersecurity. We need to throw out the old playbook and develop a new vision for dealing with cutting-edge threats, especially with an ever-expanding cyberwar. The need for a paradigm shift has never been greater.
Have a prosperous week, Keep the Faith!