Security at BlockFi is evolving. The recent SIM swap attack has made security the topic of conversation across the BlockFi leadership team. While safeguarding data was always a priority for us, it’s now under renewed focus and will have the full-time attention of a dedicated team. So let me introduce myself: I’m Adam Healy, a 15-year veteran of the technology industry and with experience spanning national security, healthcare, and financial services. I’ll be leading that team as BlockFi’s new Chief Security Officer.
In this role, I will focus on building an industry-leading security program that manages both cybersecurity and physical security. It’ll be a program that balances an ever-changing threat landscape with a best-in-class user experience.
It would be naïve of me not to mention the recent security incident. While it’s been well covered by the media and directly addressed by the BlockFi team, I want to be sensitive to lingering concerns and transparent in my commitment to our clients. This commitment is shared by our CEO Zac Prince, as we’ve taken this incident incredibly seriously and will continue to make safeguarding customer data the cornerstone of all our decisions.
So what comes next? First, we will evolve our controls and harden our security posture to meet the realities associated with sophisticated threat actors. Clients, partners, and vendors should feel encouraged to contact us with any security questions or concerns at firstname.lastname@example.org
. This email address is a direct channel to me and my team.
Moving forward, the BlockFi security program will expand across multiple layers, while reflecting the company’s core values and our security-first culture. Here are the principles that will drive its evolution:
Transparency – I plan to communicate regularly, both internally and externally, about the present and future of the BlockFi security program. This isn’t the last time you’ll hear from me.
Proactive Risk Management – “Paranoia as policy” is something I often say. To me, this term speaks to the state of the crypto industry and financial services more broadly. We need to be exceptionally thoughtful about the data and funds with which we’re entrusted. While we will continue to leverage industry best practices and widely accepted standards, our goal is to not just to “check the box,” but to truly manage security risk at every level.
Enlisting the Workforce – A security team can only do so much. Every employee is a sensor who knows what normal looks like. Working across organizational boundaries to collaboratively build a culture of security allows our entire workforce to be part of the defense. And in the case of cybersecurity, a strong defense wins the game. Since joining BlockFi, I’ve felt inspired to see a workforce that cares so deeply about security, and I look forward to helping further embed security into the company’s DNA.
Industry Involvement – We plan to do our part in raising the bar across the industry by helping drive standards, coordinating threat intelligence, and being an outspoken voice of security. I look forward to bringing BlockFi deeper into the discussions that are occurring across the industry.
I hope these four driving themes provide insight into the direction we’re heading and the level of rigor we’re applying to security. My goal is to provide regular updates and I look forward to the conversations that we’ll have. I feel lucky to be able to build on the great work that the company has done already, and I’m excited to lead BlockFi’s security team at this critical and exciting time in the crypto industry. Let’s work together to create a safe, steady, and thriving community.