The Treasury Department is opening a new cybersecurity channel to the digital-asset industry, offering eligible U.S. crypto firms and trade groups the same actionable threat intelligence it already shares with traditional financial institutions. Announced by the Office of Cybersecurity and Critical Infrastructure Protection, the program is meant to give exchanges, custodians and other market infrastructure providers earlier warning on live threats, along with more usable indicators for detection and response. Treasury is effectively telling the market that crypto resilience is now part of financial-system resilience.

That shift comes after another year in which digital-asset security failures continued to impose system-level costs. Chainalysis said more than $3.4 billion was stolen from crypto firms in 2025, while TRM Labs linked the April 1 Drift Protocol exploit, worth about $285 million, to a likely North Korean operation. The policy logic is straightforward: once losses are this large and attackers this persistent, threat intelligence becomes infrastructure, not a courtesy.

Treasury is narrowing the information gap

Treasury’s design is operational rather than rhetorical. The department said the initiative will provide timely cyber information to eligible firms so they can better identify, prevent and respond to attacks, and it framed the effort as implementing a recommendation from the President’s Working Group on Digital Asset Markets. Luke Pettit, Treasury’s Assistant Secretary for Financial Institutions, said digital-asset firms are becoming an increasingly important part of the U.S. financial sector, while Cory Wilson, Treasury’s Deputy Assistant Secretary for Cybersecurity, said the threats facing those platforms are growing in both frequency and sophistication. The message is that crypto firms should no longer be defending themselves with a lower-grade information set than banks.

Tyler Williams, Counselor to the Secretary for Digital Assets, tied the program directly to the GENIUS Act’s broader push for responsible innovation backed by stronger operational safeguards. That framing matters because it places cybersecurity inside the regulatory case for digital-asset growth, rather than treating it as a technical issue to solve later. Treasury is positioning cyber readiness as a prerequisite for scaling digital finance, not as an optional layer on top of it.

The real test will be integration, not announcement

Faster indicators of compromise, clearer adversary tradecraft and earlier warning that can be translated into detections, blocks and incident triage. For firms that automate ingestion into SIEM, SOAR and internal monitoring stacks, the program could materially reduce detection latency and improve containment during active campaigns. The benefit is not simply more information, but better timing.

The unanswered question is how quickly that advantage becomes real in production. Treasury has said only that eligible firms meeting its criteria can receive the intelligence at no cost and should contact OCCIP for more information; it has not yet publicly detailed the onboarding mechanics, delivery format or implementation timetable. That leaves exchanges and custodians to work out how the feed will fit into their tooling, staffing and escalation processes. This is a meaningful policy upgrade, but its market impact will depend on whether firms can turn government warning into machine-speed defense.