Blockchain, Security, and the Fight Against AI-Driven Attacks
Keir Finlow-Bates has spent years at the cutting edge of blockchain technology, cryptography, and cybersecurity. Now, as an advisor to Resonance Security, he’s focusing on one of the most pressing challenges in the industry—securing decentralized systems against increasingly sophisticated cyber threats.
Founded by Charles Dray, Resonance Security is tackling security risks in Web3, AI, and blockchain head-on. “Security isn’t just a feature—it’s the foundation,” says Dray. “If we can’t trust the systems we build, everything else falls apart. Keir brings a rare combination of deep technical knowledge and real-world experience to our mission.”
For Finlow-Bates, the shift toward cybersecurity was a natural evolution of his work in cryptography and blockchain. From designing decentralized systems to pioneering NFT experiments, he has always explored how technology can be both powerful and vulnerable. In our conversation, he unpacks the threats facing AI, blockchain, and the metaverse, and why security needs to be the first priority—not an afterthought.
Discovering Blockchain and the Need for Security
Finlow-Bates’ journey into blockchain began in the early 2010s, when a colleague handed him a copy of Satoshi Nakamoto’s Bitcoin whitepaper.
"Somebody at work spotted the Bitcoin paper and said, ‘You might find this interesting. It’s full of the kind of stuff you like.’ And they were right," says Finlow-Bates.
He was immediately drawn to the cryptographic principles and decentralized nature of Bitcoin. But even then, he recognized that blockchain’s greatest strength—its open, trustless system—could also be a weakness.
"Decentralization is powerful, but it also creates new attack surfaces," he says. "If you remove central authorities, you need new ways to ensure security, or you risk building systems that are just as fragile as the ones you’re trying to replace."
By 2015, after Qualcomm shut down its Finland office where he had been working, Finlow-Bates saw an opportunity.
"I thought, this is the universe telling me to go full-time into blockchain. So I did."
The AI Arms Race: Attackers Only Need to Win Once
Now, as an advisor to Resonance Security, Finlow-Bates is at the forefront of protecting blockchain and AI-powered systems from cyber threats.
"It’s an arms race," he says. "Defenders must get it right every time. Attackers only need to succeed once."
AI is fundamentally changing cybersecurity—for both good and bad. While AI-powered tools can improve security monitoring and threat detection, they also make it easier for attackers to launch sophisticated cyberattacks.
"AI lowers the barrier for entry," says Finlow-Bates. "You no longer need deep expertise to create malware. You can ask an AI to tweak existing code for you. That’s terrifying."
It’s a problem that Resonance Security is working to address. Through advanced cryptographic techniques, AI-driven security measures, and rigorous smart contract auditing, the company is developing tools to counteract emerging threats.
From Hacker to Security Expert
Finlow-Bates’ interest in security started young—so young, in fact, that it once got him into trouble at Cambridge.
"I got fined £5 and banned from using university computers for a term for hacking into the system. I had to write my entire project on paper and type it in on the last day," he says.
What started as curiosity eventually became a career. Today, Finlow-Bates channels that same mindset into ethical hacking, security consulting, and helping Web3 companies navigate the complexities of blockchain security.
Smart Contract Vulnerabilities and the Risks of Web3
Despite blockchain’s reputation for security, smart contracts are one of the biggest attack vectors in the space.
"Most people don’t realize how fragile smart contracts can be," says Finlow-Bates. "Once deployed, they’re immutable. If there’s a bug, you can’t just patch it like traditional software—you’re stuck with it."
This is where Resonance Security comes in, ensuring that smart contracts are rigorously audited before they go live. Given the history of high-profile DeFi hacks, this is more important than ever.
"Billions have been lost due to smart contract vulnerabilities," says Finlow-Bates. "Many of these exploits could have been prevented with proper auditing and testing."
How Do We Secure the Future?
When asked what the industry needs to prioritize, Finlow-Bates is clear:
"Security can’t be an afterthought," he says. "It has to be built in from day one."
He also emphasizes the importance of education.
"Most hacks aren’t due to some genius attacker discovering a completely new vulnerability. They happen because of human error—bad coding, poor security practices, and people falling for social engineering scams."
This is where companies like Resonance Security are making a difference, working to build a more secure foundation for Web3, AI, and blockchain applications.