The problem with Bybit is actually due to the lack of a CTO.

Risk control cannot be effectively managed just by hiring a high-salaried individual.

Such security issues are almost the lifeblood of an exchange.

In other words, a CTO, as a purely technical bureaucrat, is the true decision-maker of the project/exchange. It is difficult to replace a CTO who drops the ball.