Today we spoke with David Schwed, Chief Operating Officer of blockchain cybersecurity firm, Halborn. The firm, made up of award-winning ethical hackers and blockchain specialists, helps protect blockchain services and apps from cyber attacks.
In our conversation we discussed the security demands facing Web3, the talent shortage to deal with the problem, practical advice on avoiding cyberattacks, and much more.
Thanks for joining us today. Can you please introduce yourself to the audience?
Hi, I am David the Chief Operating Officer at Halborn. Prior to joining Halborn I was the Global Head of Digital Assets Custody at BNY Mellon, the world’s biggest custodian bank, where I integrated the IT strategy for the company’s digital asset services. I was also CISO for Galaxy Digital, a digital assets and blockchain merchant bank. There I led vision, strategy, and execution for information security while establishing IT infrastructure. As a risk committee advisor, I also assessed emerging threats in the financial services industry and their influence on corporate operations.
With the fast growth of advanced security in the Web3 space, is there enough talent to handle cybersecurity in the industry?
Unfortunately there is a skills shortage at the moment. There is for the entire cybersecurity space as a whole and is only compounded by the fact that Web3 technologies are considering emerging technologies.
Web3 is an expansive space with many areas of interest; which areas does Halborn Security cover?
We work with organizations during the entire lifecycle of their Web3 journey. For some clients it may be more architectural in nature and for others it may be focused on assessing a project that is already in production. Given our mission is to secure the convergence of Web2 and Web3, we focus on the entire project/organization holistically.
Security demands never end, and since Web3 is expanding continuously, what is Halborn doing to stay updated?
It’s a balancing act between theoretical and practical learning and research methods. As an engineering focused organization, we ensure all of our engineers have access to the latest research as well as time dedicated to apply their work hands-on with the latest technologies.
What advice do you have for our web3 audience on avoiding cyber hacks and attacks in 2023?
Approach security through the lens of risk management. It’s critical to first identify the risks associated with their offering and then ensure there are both preventative and detective controls in place to effectively mitigate said risks. Be pragmatic and avoid the temptation to rush a new feature or solution to market without the requisite reviews and audits. In addition, allocate an adequate budget for your InfoSec team and ensure it’s staffed appropriately. For the average user, education is critical at the moment due to lack of consumer protection in the ecosystem. I would encourage everyone to really understand (at a high level) what a wallet is, what a DApp is and how they work, etc. That basic level of understanding will help improve phishing attempts as it will raise awareness of someone trying to authorize a token approval.
For more information, visit the website: https://halborn.com/