The keys are stored offline, but the BTC are always online. They are relatively safe against someone compromising your computers remotely. Against physical intrusions or insider attacks, not as much.
Physical intrusions can be dealt with by encrypting the keys, which I hope they are doing. Using a secret sharing scheme with physical tokens (e.g. smartcards) carried by chosen employees should reduce the danger of both of those attacks.