After Pasi Koistinen was named Coinhako’s CISO, NewsBTC had their first interaction with him. We spoke with him to get his opinions on the role, as well as about cybercrime. Below is an extract from the fascinating interaction which took place in recent weeks.
Q: Thank you for being here, and congrats on your role as Coinhako’s CISO. Would you first introduce Coinhako and its services to our readers
A: Coinhako was founded in 2014 in Singapore, and the platform’s mission is to be the go-to gateway to the crypto economy, providing easy access to digital assets and connecting users to the crypto space.
Q: We are interested in your involvement in Coinhako. What made you decide to work for this company?
A: My role as Coinhako’s CISO is to organize and manage cybersecurity activities across the whole company, and communicate related risks to stakeholders. As the security chief, I work closely with all business units, including legal, compliance and programming. As someone who has always been interested in digital assets and their rapid growth, the move to crypto was an easy one. Coinhako is a great choice, as it’s one of the oldest digital asset companies here in Singapore. Coinhako being approved in-principle as a DPT Service Provider in Singapore was also a sign of their reliability.
Q: We would love to hear from you about how Coinhako secures privacy and security for its users.
A:Our security protocol includes more than just a strong security system. We also educate our users via social and online platforms with useful information, in-app prompts, and through our website and app to remind them to activate their 2FA and to avoid any phishing attacks or dubious sites.
Q: Your plans for Coinhako What are your plans to make it even better?
A:Coinhako’s new CISO is me. My extensive knowledge from different industries and companies has made it possible for me to contribute my vast experience. I plan to increase our cybersecurity capability by adopting and refining new protocols and technologies. As the company is scaling up operations, the plan also includes increasing the security team’s headcount, which will be instrumental in expanding our company’s technological capability and maturity.
Q: What year were you introduced to cryptocurrency? Before joining Coinhako, what were your roles?
A: In 2012, I made my first venture into cryptocurrency. After reading about Bitcoin, I decided to purchase a few just for the fun of it. They are still my favorite thing!
Over the past 22 years I have worked in the cybersecurity sector and have held various roles such as CISO or lead consultant. In my professional career, I have co-founded two cybersecurity companies.
Q: We would love to inform our readers regarding the best methods to secure their crypto assets and defend themselves against cybercriminals.
A:It is a good rule to never click any link, file or message on the same device as you use to manage digital assets. It is good practice to use 2FA for authentication but don’t rely on it to save you from a mis-click if a phishing attack is successful.
Q: What are your thoughts on cybercrime and crypto’s role in it? Is it any different than pre-crypto?
A:Because of their anonymity, crypto has been a popular method of payment for cybercrime. Cybercrime evolves all the time. But they only make up a fraction of the digital asset market. Cash is still the most popular medium for illegal payments. Cybercriminals could easily launder money and get paid with bitcoin in the early days of cryptocurrency. The transparency and maturity of blockchain payments has made it possible for law enforcement agencies to become better at investigating crypto. As criminals will continue to look for illegal opportunities, anti-crime efforts must be constant. This is why we should give a shout out to regulators and private institutions who work tirelessly to reduce such crimes.
Q: Which are the most common security threats facing crypto businesses and exchanges? They can be mitigated.
A:The majority of attacks on businesses and exchanges are carried out by crime syndicates that use the same methodus. They often try to illegally get assets from their customers by using phishing attacks. The exchanges are also targeted by threat actors who try to hack into employees or expose systems. We have found that such attacks are designed to steal customers’ data and private encryption keys. These attacks have increased in recent months. A layered defense is required to mitigate these threats. As such, having a robust security framework consisting of multiple defensive controls to prevent, detect and react to attacks is especially important in ensuring the integrity of our platform and to protect our users’ assets.
Q: We would love to hear your thoughts on the cryptocurrency industry. Is it possible for people to reap the rewards of it when there are few regulations to prevent it from happening?
A:In the last 2 years, cryptocurrencies have become mainstream. Their adoption is only just starting, however. Both B2C as well as B2B will see significant growth in adoption and value. There will always be countries that want to benefit from this growth and these countries will have to put in place laws and governance that ensure that players in the market don’t cause excessive risks. Responsible crypto policy will allow the industry to mature and gain trust from consumers, legislators and society. Although it will be difficult to build trust, this is possible.
Q: Do you have any other suggestions for our readers?
A:Cryptocurrencies offer a tremendous learning opportunity. These cryptocurrencies are creating a profound change within the financial sector and elsewhere. Cryptocurrencies will, I believe, modernize the global financial market in the same way that the Internet revolutionized the exchange of information.