In a rapidly digitizing world, cybersecurity isn’t optional; it’s a necessity. Consider the following cyber statistics:

  • Data breaches cost businesses an average of $4.35 million in 2022.
  • Around 236 million in ransomware attacks occurred globally in the first half of 2022.
  • Phishing is the most common form of cybercrime, with an estimated 3.4 billion spam emails sent every day. Over 48% of emails sent in 2022 were spam.

The growing cybersecurity threat landscape

With cyber threats increasing in number, sophistication and intensity, organizations use multiple cybersecurity platforms and ingest threat intelligence from numerous sources to keep innovative attackers at bay. At the same time, the fast-changing developments in artificial intelligence, especially generative AI, exacerbates the risk of the technology being used not only for defensive means, but potentially to fuel cyberattacks or enhance current attack methods. The emergence of Web3, the decentralized iteration of the internet, has opened a new frontier for cyber threats.

Security breaches have hit the Web3 market hard, shaking the faith of potential investors and fostering negative sentiment, underscoring the urgent need for robust security. Instances of attacks on smart contracts, social engineering attempts, bridge exploits, and wallet breaches are on the rise. As a result, crypto-based crime soared to an all-time high in 2022, with illicit addresses receiving $20 billion, up from $8 billion in 2020, according to Chainalysis.

And yet, in the Asia Pacific region, the security awareness and investment of mainstream enterprises/institutions in the digital asset industry has significantly improved. Past market fluctuations have also eliminated a group of companies that do not prioritize security and compliance and have raised higher requirements for security construction and compliance management for existing enterprises. In some countries, digital asset management businesses have received more regulatory support, with clearer financial compliance management requirements, such as Hong Kong’s VATP & VASP.

Addressing the cybersecurity challenges of Web3

The decentralized nature of Web3 places a significant amount of sensitive data – transaction records, personal identifiers, digital asset ownership – at risk. This data, if unprotected, can fall into the wrong hands leading to grave consequences.

Cybercriminals often exploit vulnerabilities in decentralized applications and smart contracts and take advantage of centralized storage points like bridges and wallets. With the rise of DeFi, hackers are orchestrating attacks on the infrastructure itself rather than simply infiltrating personal accounts.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

Improving cybersecurity to decrease these threats is a top priority for the crypto industry. The traditional finance sector has had decades to refine its security, and to compete, crypto must catch up quickly.

Against this backdrop, companies like Amber Group are prioritising Web3 security, emphasizing risk monitoring and data loss prevention. Recognizing the unique threats and vulnerabilities of Web3, Amber Group has shaped its services to protect digital assets throughout their lifecycle, because, in the face of Web3’s evolving security landscape, a purely preventative approach is insufficient.

Security and compliance form the foundation of digital asset financial services

It’s crucial to use compliant infrastructure to protect the legality of digital asset transactions for both institutions and their customers. In locations like Hong Kong, Singapore, and Japan, government regulations on compliance requirements and security standards are clearly defined. This necessitates that technology infrastructure supporting critical functions meets relevant qualifications.

Digital asset security encompasses the entire lifecycle, not just storage of private keys

Institutions dealing with a high volume of transactions must evaluate and mitigate risks that emerge when assets are being transferred, such as threats from cyberattacks or internal misconduct. This includes potential intermediary attack risks and transaction interface vulnerabilities. The infrastructure for asset custody must, therefore, be equipped with business logic and the ability to evaluate these threats in order to prevent risks throughout all stages of an asset’s lifecycle.

There are some good examples of how this can be achieved. For example, Amber Group’s self-custody solution uses RigSec’s HSM-based security encryption hardware infrastructure, which is recognized by regulators, and secure hardware to enforce strategies for managing financial risks, along with processes for internal oversight.

Digital asset financial service institutions value both security and flexibility

For instance, Amber Group puts an emphasis on flexibility in its infrastructure while ensuring robust safety measures. That means providing flexible role-based authorization mechanisms and sufficient responsiveness to quickly connect with new asset categories.


In summary, as Web3 continues to evolve and its adoption increases, addressing cybersecurity risks becomes paramount. Companies like Amber Group, specializing in Web3’s unique challenges, can provide a valuable perspective on securing the decentralized world.  In the Web3 world, assets are stored piecemeal in various decentralised projects, making managing vulnerabilities difficult.

Meanwhile, vulnerability means risks to assets and money. The key is to acknowledge the emerging threats, understand Web3’s unique vulnerabilities, and develop appropriate security measures to protect sensitive data and digital assets.