On hindsight and risk assessment
Contents
Andrew MacPherson
|Feb 27, 2025
First off, there are a lot of posts from vendors and security people touting “This one trick could have prevented the Bybit hack”. At Privy we hold security in high regard and do not believe in ever “punching down” or using a security event for marketing purposes (that said I am writing THIS piece).
Security incidents WILL happen, everyone makes mistakes – if you don't have any incidents it's usually a red flag for me that indicates that there is a problem with logging, auditing or controls. These needn’t be critical events but there is always an air of alertness and investigation in maintaining a robust security program.
The Bybit hack is a tragedy and a huge loss of confidence in the security of the modern web3 ecosystem. It definitely gives us some food for thought in how we think about security and what real enforcement we should have …
|Feb 27, 2025
First off, there are a lot of posts from vendors and security people touting “This one trick could have prevented the Bybit hack”. At Privy we hold security in high regard and do not believe in ever “punching down” or using a security event for marketing purposes (that said I am writing THIS piece).
Security incidents WILL happen, everyone makes mistakes – if you don't have any incidents it's usually a red flag for me that indicates that there is a problem with logging, auditing or controls. These needn’t be critical events but there is always an air of alertness and investigation in maintaining a robust security program.
The Bybit hack is a tragedy and a huge loss of confidence in the security of the modern web3 ecosystem. It definitely gives us some food for thought in how we think about security and what real enforcement we should have …