The NewsBTC team interacted with Pasi Koistinen for the first time after he was appointed the CISO of Coinhako. We asked him a few questions about the new role and his views on crypto markets and cybercrime. Here is an excerpt of the interesting interaction that happened recently.
Q: Thanks for joining us, and congratulations on your new role as the CISO of Coinhako. First, would you please introduce Coinhako to our readers?
A: Coinhako was founded in 2014 in Singapore, and the platform’s mission is to be the go-to gateway to the crypto economy, providing easy access to digital assets and connecting users to the crypto space.
Q: Can you tell us about your role in Coinhako and what made you join this company in particular?
A: My role as Coinhako’s CISO is to organize and manage cybersecurity activities across the whole company, and communicate related risks to stakeholders. I also act as the head of the security function and work in close contact with other business units spanning across legal, compliance, programming, and user ops. The move to the crypto space was a natural one as I always had a personal interest in the fast-growing digital assets industry. Coinhako was a good choice because it is one of the longest-standing digital asset companies in Singapore. Also, I felt that Coinhako having the in-principle approval as a DPT service provider in Singapore was a good indicator of their reliability.
Q: Would you like to give us some insight into how Coinhako protects the privacy and security of its users?
A: Besides having a robust security framework, our security protocol also includes educating our users with informational content via our online and social platforms, as well as through in-app prompts to encourage users to enable their 2FA, and avoid phishing attacks, dubious websites and other kinds of cyber threats.
Q: What are your plans with Coinhako? How do you intend to improve it further?
A: As the new CISO, I am excited to bring to Coinhako my extensive experience from various industries and different companies. Part of my plan includes growing our cybersecurity capabilities through refining and adopting new technologies and protocols. As the company is scaling up operations, the plan also includes increasing the security team’s headcount, which will be instrumental in expanding our company’s technological capability and maturity.
Q: When were you first introduced to cryptocurrencies? What were your roles and responsibilities before joining Coinhako?
A: My first foray into cryptocurrencies was in 2012. I read about Bitcoin and decided to buy a few back then, just for fun. I wish I still had them!
For the last 22 years, I have been working in the cybersecurity industry and have held various positions such as CISO and lead consultant. Also, I am a cybersecurity entrepreneur and co-founded two cybersecurity firms over the course of my career.
Q: Would you wish to educate our readers on the best practices to safeguard their crypto assets and protect themselves from cybercriminals?
A: The first rule of thumb is never click any message, link or file on the same device that you use for managing your digital assets. It is good practice to use 2FA for authentication but don’t rely on it to save you from a mis-click if a phishing attack is successful.
Q: What are your thoughts on cybercrime and crypto’s role in it? How is it different from pre-crypto days?
A: Cybercrime is evolving all the time and due to the anonymity of crypto, cryptocurrencies have been one of the preferred payment methods for cybercrime. However, they represent only a small percentage of the entire digital asset industry as cash is still the go-to medium for illicit payments. In the early years of cryptocurrencies, cybercriminals used to get paid in bitcoin and could launder their money with ease. But with the maturity of the crypto space, coupled with the transparency of blockchain payments, law enforcement agencies are becoming more knowledgeable of the workings of crypto and getting pretty good at investigations. Anti-crime efforts have to be consistent as perpetrators are constantly looking for opportunities to conduct illegal activities, so a huge shout-out to private institutions and regulators who are working tirelessly to mitigate such illicit activities.
Q: What are the common threats faced by crypto exchanges and businesses these days? How to mitigate them?
A: Crime syndicates generally have the same modus operandi for most attacks on exchanges and businesses. They typically try to illegally obtain assets from end customers through phishing attacks. Threat actors also target the exchanges by trying to infiltrate the systems via exposed systems or by hacking the employees. From our experience, the prime goal of such attacks is to steal customer data and the private encryption keys of the exchanges. Over the past months, we have seen a spike in such attacks. Mitigation of these threats requires a layered defense approach. As such, having a robust security framework consisting of multiple defensive controls to prevent, detect and react to attacks is especially important in ensuring the integrity of our platform and to protect our users’ assets.
Q: Would you like to share your vision of the crypto industry with our readers? How do people stand to benefit from it, especially with few governments attempting to stifle it with strict regulations?
A: The last two years have seen cryptocurrencies reaching mainstream consciousness. I posit that their adoption curve is just beginning though. We will continue to see extensive growth in value and adoption in both B2C and B2B. There will always be countries that want to benefit from this growth and these countries will have to put in place laws and governance that ensure that players in the market don’t cause excessive risks. Taking a responsible approach toward crypto will ensure that the industry gains maturity and trust in the eyes of society, consumers and lawmakers. Developing trust is paramount and will take some time, but it is inevitable too.
Q: Anything else you think our readers should know about?
A: I think cryptocurrencies are a great learning opportunity for everyone. They are effectuating a radical change in the financial ecosystem and beyond, and I believe crypto will modernize the global financial system like the Internet did to the exchange of ideas and information.