One Crypto Exchange Is Going to Extreme Lengths on Cybersecurity
Kraken pushes its employees to act in ways associated more with intelligence agents than tech workers.
There’s an organization where children of employees have to sign nondisclosure agreements before attending company parties—the only exception is for kids who haven't yet learned to write—and where a parent had to explain to his 8-year-old that she couldn’t exchange Pokémon with friends because the boss forbids her from connecting her Nintendo Switch to the internet. When he goes to work, that same father has to leave his made-to-order suit, luxury French watch, and classy leather shoes in the closet, donning a $9 Uniqlo T-shirt and jeans to blend in with the crowd near the office.
This organization isn’t an underground criminal group or an intelligence agency—it’s Payward Inc., the San Francisco-based company established in 2011 to operate the cryptocurrency exchange Kraken, which investors now value at $10 billion. Nick Percoco, the company’s lushly bearded chief security officer, says ransomware attacks often start with cybercriminals digging up personal information about employees online and using it to tailor phishing emails containing malicious software. So he’s set out to install a company culture of vigilance—some would say paranoia—about guarding personal information. “Security has become part of our culture in a way that I don’t even have to say it much anymore,” says Percoco, a 25-year cybersecurity veteran. “I feel it.”