Binance Chief Security Officer Shares Cybersecurity Strategies at 2025 Symposium

Binance’s Chief Security Officer Jimmy Su delivered a keynote address at the 2025 Cybersecurity & Diverse Innovation Symposium, co-hosted by the Digital Policy Office. Su provided attendees with an exclusive look into the strategies and experiences that have helped Binance maintain its position as a global leader in crypto security. His presentation was grounded in real-world cyber attack cases that Binance has successfully countered over the years, offering a masterclass in staying secure in a world of constant digital threats.

Su shared specific cyber attacks that Binance had to defend against, including a sophisticated phishing scheme that exploited fake social media accounts and websites to access users’ credentials. Once the credentials were acquired, attackers attempted unauthorized withdrawals using psychological manipulation techniques. Binance’s forward-thinking threat monitoring and AI-powered detection systems restricted the breach and secured all funds. Another example involved Distributed Denial of Service (DDoS) attacks on Binance’s infrastructure. The response included layered defense mechanisms, disabling geo-based malicious traffic, and deploying a global incident response group that mitigated the DDoS in under five minutes. These examples underscored the importance of having state-of-the-art technology and experienced leadership in cybersecurity.

Despite advancements in technology, cyber hygiene remains one of the most neglected areas of personal and organizational security. Su emphasized that many successful cyber attacks result from basic lapses in hygiene, such as weak passwords, unpatched systems, and poor user awareness. He outlined best practices for cyber hygiene, including enabling two-factor authentication (2FA) across all platforms, keeping software and firmware up-to-date, regularly educating teams on phishing and social engineering, and creating layered access controls for sensitive data. Su’s message was clear: Cyber hygiene isn’t optional; it’s fundamental.

Binance’s proactive stance on building future-proof systems was also highlighted. The company is investing heavily in AI-driven threat detection, decentralized identity verification systems, and partnerships with international law enforcement agencies. Su noted the importance of cross-border collaboration, stating that cyber threats do not respect boundaries, and therefore, defenses must be borderless. Binance has worked closely with law enforcement globally, leading to the takedown of several major hacking groups and the recovery of stolen assets. Su emphasized that crypto security needs to be integrated into the user experience, making safety intuitive and seamless for every Binance customer.

Su’s session served as a wake-up call and a roadmap for strengthening cyber resilience. He demonstrated how the same principles can be applied across industries, emphasizing the importance of building systems, teams, and cultures that anticipate threats before they strike. For leaders in tech, finance, and government, this was an opportunity to gain actionable insights on strengthening cyber resilience. The broader takeaway was that cybersecurity leadership isn’t just about being reactive; it’s about empowering people, investing in education, and leading from the front.

Su made it clear that security can no longer be an afterthought. From sharing real-world attack scenarios to emphasizing everyday cyber hygiene, he demonstrated what true cybersecurity leadership looks like. For companies navigating the web of digital transformation and data risk, the lesson is simple: security begins at the top, but it thrives when it becomes everyone’s responsibility.