There are four levels of cryptographic key security: 1. secure key storage (e.g. key theft) 2. secure key use authorization (e.g. sign wrong thing) 3. secure key generation (e.g. tampered RNG) 4. secure key observation (e.g. side channels) Don't forget about 2 or 3.
See Tweet