Dr. Shira Brezis Co-Founder of Redefine: DeFi, Web3 Security Professional Comments on Safety Issues in Decentralized Finance and Role of Financial Institutions

We recently connected with Dr. Shira Brezis, CEO & Co-founder of Redefine, the “first” end-to-end security tech for DeFi investors. Dr. Shira discussed major issues financial institutions are concerned about regarding safety and security for web3 investing.

Redefine helps enable secure transactions, monitor in real-time, and proactively defend against DeFi attacks. Dr. Shira reportedly has years of experience in cybersecurity working with the Israeli government before finding her passion in crypto.

Our discussion with Dr. Shira Brezis is shared below.


Crowdfund Insider: How has risk mitigation technology associated with crypto transactions evolved among financial institutions in the last few years?

Dr. Shira Brezis: The evolution of risk mitigation technology around crypto transactions has completely transformed over the past few years. There was a time, not so long ago, when this sector was exactly like the old wild west, largely missing all of the robust, sophisticated tools that come completely standard in the traditional finance space. This gap often made financial institutions hesitant to take a dive into the crypto waters.

However, we’re now in a very different place. Through advancements in blockchain analysis, a deeper understanding of the web3-specific risks, and a variety of other technologies and tools, we’ve seen the creation and implementation of risk mitigation systems that more closely resemble those found in traditional finance.

This development signals a noteworthy maturity in the crypto security landscape, enabling financial institutions to conduct their operations with much more confidence and peace of mind. This being said, there is still a lot of progress to be made to reach the maturity, from a security point of view, that the traditional finance industry has reached.

Crowdfund Insider: How can governments step up efforts to combat hacks involving DeFi and what will future regulatory guardrails look like?

Dr. Shira Brezis: When it comes to addressing the troubling issue of hacks involving DeFi, I believe that from the government’s point of view, the approach needs to be two-sided. The first side involves consumer protection and looking out for the end users. This includes not only individual retail investors but also the larger financial institutions that manage enormous amounts of capital, including public funds and pension accounts.

The introduction of regulatory clarity and mandated security measures similar to those seen in traditional finance would go a long way toward accomplishing this goal. It’s important to understand that while it might be difficult to directly regulate decentralized applications (DApps), regulations can definitely be implemented to manage the actions of their users, which would significantly bolster security and decrease the likelihood of users’ signing transactions that result in their funds getting stolen.

The second side focuses on the national security implications of these hacks, some of which are unfortunately state-sponsored, with North Korea being one of the most active of these. The involvement of the Treasury and an emphasis on security compliance become crucial in this context. While insurance does provide some protection, it’s far from a complete solution as it doesn’t prevent the funds from ending up in the hands of bad actors, which then go on to fund nuclear weapons, terrorist activity, and more. A more comprehensive, proactive approach is needed to truly mitigate the potential damages.

Crowdfund Insider: What major issues are financial institutions concerned about when it comes to safety and security for web3 investing?

Dr. Shira Brezis: The expertise of financial institutions lies in managing financial risk. They’ve perfected this over many decades, turning this skill they’ve developed into an art form. However, when it comes to the world of crypto, there is a significant blind spot. The main concern for these institutions primarily lies in the fact that there is minimal visibility into the risks of the crypto sector.

Traditional financial risk management tools were simply not designed to deal with the unique challenges posed by digital assets, and this gap in capabilities can lead to an uncomfortable level of uncertainty. This is why it’s extremely important to develop and implement tools specifically designed to manage crypto risk, in order to give these institutions the visibility they need and the confidence they require to operate effectively in the digital asset space.

If the web3 space can be presented to financial institutions in a form that they are familiar with, including all the accompanying risk analysis tooling, a lot of the hesitation and concern would be lifted. We are slowly seeing a shift towards this now. Finally, automated response tools are needed to let investors sleep at night with peace of mind.

Crowdfund Insider: What are some practices hedge funds and other FIs can use to protect their digital assets as they become more popular?

Dr. Shira Brezis: The rising popularity of digital assets means that hedge funds and other financial institutions need to be extremely vigilant about protecting their investments. There are several measures that can significantly enhance their security profile. Firstly, implementing secure custody solutions is critical. Dropping the ball with custody security can be catastrophic, so it’s worth investing heavily in this area. There are currently a lot of great institutional custody and key management providers in the market so there definitely is access to secure custody. It’s just a matter of adoption.

Secondly, ensuring robust and diligent operational security is fundamental. This involves using tools to assess risks through each step of the operational flow – initial due diligence, pre-transaction screening, and ongoing position monitoring and disaster recovery plans. Operation security in DeFi is as important as custody because when you’re interacting with DeFi, your risk vectors move from secure private key management to the fact that your funds are now directly exposed to smart contracts and all the risks that accompany those.

Thirdly, it’s also important to have strong internal controls and segregation of responsibility between risk managers and traders. Having multiple eyes review everything is always good. A concentration of decision-making power is very risky. For example, a dedicated due diligence team can greatly improve a fund’s ability to identify and avoid potential issues before even getting to the point of interacting and signing transactions.

However, it’s not enough to just focus on new-age web3 security measures such as private key management and smart contract risks. Traditional web2 attack vectors and risks also need to be considered.

Today’s threat landscape is complex and multifaceted, and attacks can come from both the web2 and web3 fronts. For example, if the front end of a DApp is compromised and the attacker uses this to inject a malicious transaction payload into a wallet connected to the DApp, the impact could be huge and only looking for Web3 risks would not be sufficient in this case. A comprehensive strategy that combines the best of both worlds is needed to provide a truly robust defense against potential threats.

Crowdfund Insider: What can DeFi learn from TradFi regarding safety standards?

Dr. Shira Brezis: DeFi is a brave new world that combines the risks of traditional finance with its own unique set of challenges. This means that DeFi stands to learn a great deal from the safety standards of TradFi. There are several lessons that can be taken from the experience of traditional finance. These include the importance of conducting thorough due diligence, the necessity of creating a comprehensive risk management system, the value of strict regulatory compliance and the importance of sharing information between the multiple security providers in the space.

The implementation of these standards into the DeFi space can significantly improve its security profile. This, in turn, would instill greater trust among both existing and future participants and could lead to increased adoption of DeFi solutions, which would be beneficial for the entire financial ecosystem.


