Jan. 12, 2023

The Front Lines of Ethical Hacking and Infosec with Steve Walbroehl of Halborn

Bitcoin and SHA-256, Cybersecurity, Standardization of cybersecurity in Crypto, best security practices, and much more.


Today’s guest is Steve Walbroehl, Chief Technology Officer / Chief Security Officer and cofounder of Halborn. Halborn is a blockchain cybersecurity firm that aims to secure the blockchain and protect users against data and monetary. Operating across the software development lifecycle, Halborn provides a suite of products and services designed to identify and close vulnerabilities in Web3 applications, helping to create the security standards that the market lacks. The company serves a diverse global client base spanning Layer 1 blockchains, infrastructure providers, financial institutions, and application and game developers. Halborn was founded in 2019 and is based in Miami, Florida.

Steve has over 15 years of experience in cybersecurity. He is an expert, trainer, and technical leader in penetration testing, ethical hacking, web application and cloud security, infrastructure security, vulnerability scanning and detection, IT compliance, and risk mitigation. He's worked with Fortune 500 companies spanning the Financial, Insurance, Mortgage, Technology, Utilities, Hospitality, and Blockchain industries. He holds several information technology and security certifications, including CISSP, CEH, CRISC, OSCP, OSWP, CISM, GWAPT, GAWN, AWS Solutions Architect Associate, CCNA, and Six Sigma.

We begin our conversation by discussing the differences between traditional and crypto cybersecurity. Steve explains why security is the most important sector of the crypto industry. We discuss why being a security specialist in crypto is very stressful. We discuss the connection between regulation and cybersecurity. We stress that regulation can foster decentralization and provide better user protection guidelines. Steve shares how regulation during the early days of the internet could provide a blueprint for how to foster proper regulation and compliance in crypto.

Our next conversation topic centered around the systemic risks that developed in DeFi due to greed. We discuss how greed fueled flawed protocol design, spurring the wrong incentives and resulting in the collapse of various centralized institutions. Steve expresses his concern about proof-of-stake as a centralizing force. Steve shares a story where he explains the systemic risks that can come from cross-chain liquidity, similar to the 2008 financial crisis.

We transition our conversation to focus on the security risks in crypto. Steve explains the full spectrum of vulnerabilities that are present in crypto. We discuss how these vulnerabilities can be exploited and why a particular type of protocol is targeted more routinely than others. Steve explains that security in crypto requires taking into account technical vulnerabilities and socio-economic incentives to properly assess a project’s vulnerabilities.

Our next conversation topic centered around Halborn. Steve shares that one of the requirements to work as a security engineer at Halborn is to hack their way in. We discuss how coding and security testing are both an art and a science. We discuss the security of SHA-256 and why Bitcoin was a cryptography marvel. Our conversation transitions to focus on Seraph, the world’s first blockchain security notary platform powered by Halborn. Steve explains how Seraph can help provide a security framework and guardrails for projects looking to standardize security practices.

Our final discussion topic centered around the connection between adoption and security. Steve explains how increased security will lead to increased adoption of DeFi. Please enjoy my conversation with Steve Walbroehl.