David Schwed - What We’re Getting Wrong About Crypto Security

In this episode, David Schwed explains that crypto security is fundamentally an extension of traditional enterprise security, yet it requires dramatically faster incident response. He highlights that digital signatures and key protection have long existed, but the immutable nature of blockchain transactions forces organizations to adopt preventive measures, circuit breakers, and rapid remediation. The conversation underscores how key management, multi‑party computation, and API policy engines can become soft spots, as illustrated by a $2 million loss where automated signing thresholds were exploited.

Schwed also contrasts physical and digital threats. While high‑profile "wrench" attacks capture headlines, they remain rare compared to the volume of cyber breaches that routinely drain millions. He describes how early‑stage crypto firms often expose founders to kidnapping and operational‑security risks, prompting some companies to conduct formal kidnap assessments. More pressing, however, is the looming quantum threat: future breakthroughs could render current encryption obsolete, jeopardizing both crypto assets and corporate intellectual property. The panel stresses the need for quantum‑resistant algorithms and proactive migration strategies.

Finally, the discussion turns to the evolving regulatory landscape. Schwed observes a migration of crypto activity back to the United States, driven by clearer legislation and a surge of venture capital relocating from Singapore, Dubai, and other hubs. U.S. banks are less focused on offering crypto custody and more interested in leveraging distributed ledger technology to streamline settlement, reduce counterparty risk, and modernize legacy processes such as repurchase agreements. This convergence of fintech, AI, and crypto positions the U.S. as the emerging epicenter for innovation and compliance in the digital‑asset ecosystem.