
Project on Cyber Risk to Financial Stability
Fostering dialogue between academia, industry, and government to strengthen resilience to cyber risks within the financial sector.
Project on Cyber Risk to Financial Stability (CRFS)
The Project on Cyber Risk to Financial Stability, led jointly by the Program on the Future Cyber Risks and the Initiative on Central Banking and Financial Policy has worked to foster dialogue between experts in academia, industry, and government at the intersection of cybersecurity and financial stability to strengthen resilience in the financial industry. It is led by Jason Healey, director of the Program on Future Cyber Risks and a senior research scholar at SIPA; and Patricia Mosser, director of the Initiative on Central Banking and Financial Policy and a senior research scholar and senior fellow at SIPA.
Since 2016, the project has hosted a series of engagements bringing together experts from financial institutions, the public sector including regulators and other policymakers, academics and practitioners with backgrounds in finance and cybersecurity. It has also published a number of publications and hosted two iterations of the annual Cyber Risk to Financial Stability: State of the Field Conference.
The Cyber Risks to Financial Stability Project team includes: Jason Healey, Director of the Program on Future Cyber Risks and Senior Research Scholar at SIPA; and Patricia Mosser, Director, MPA Program in Economic Policy Management; Director of the Initiative on Central Banking and Financial Policy and Senior Research Scholar and Senior Fellow at SIPA.
Upcoming Event
The Fourth State-of-the-Field Conference on Cyber Risk to Financial Stability will take place on 14 April 2023 at Columbia University's School of International and Public Affairs. The conference is a collaboration between the Federal Reserve Bank of New York and Columbia University's School of International and Public Affairs. The 2023 conference will explore the impact of deglobalization on cyber risks and financial stability.
Publications
Publications
-
Published by The Capco Institute Journal in May 2021. It builds on the 2018 "Future of Financial Stability and Cyber Risk" publication, by developing a unique framework to assist analysts trying to assess how specific cyber risks might affect financial stability.
-
Published by the Brookings Institution in October 2018. It provides a general review of cyber risk to financial stability, contains a primer on financial stability and cyber risks, and highlights how cyber risks are different from other systemic financial risks. It also summarizes previous reports and efforts of policymakers and industry addressing these issues.
-
Examines the growing momentum around the world to bring the cybersecurity and financial stability communities closer together to be better able to manage cyberattacks on banks and other institutions of the global financial system.
-
Susan Hennessey spoke to Katheryn Rosen, Jason Healey, and Patricia Mosser. They talked about how to understand financial stability, the unique risks that cyber threats pose to it, and what gaps remain in how to mitigate those risks.
Events and Workshops
Events and Workshops
-
June 13-14, 2019: Katheryn Rosen participated in the SEACEN Policy Summit on Central Bank Leadership in Combating Cyber Risk that brought together senior central bank and monetary authority officials, private sector representatives, chief information security officers (CISOs), and academics with regional and global thought-leaders to discuss pressing issues relating to cybersecurity, identify challenges and possible solutions, and foster networks that will help put central banks and monetary authorities in the vanguard against these looming threats.
-
October 10, 2018: the Atlantic Council’s Cyber Statecraft Initiative convened key stakeholders from the financial, governmental and academic communities to convene for the release of a joint report by the Brookings Institution and Columbia University’s School of International and Public Affairs, The Future of Financial Stability and Cyber Risk. The panel was moderated by Katheryn Rosen, a Senior Fellow at the Atlantic Council’s Cyber Statecraft Initiative and a Senior Research Scholar at Columbia University School of International and Public Affairs.
-
July 10, 2018: workshop further developed the conceptual framework established in the previous gathering and explored amplifiers and dampeners of risk by focusing on a single market - the US treasury securities market.
-
May 10, 2018: SIPA hosted the first of two workshops that began the process to devise and refine a cyber risk and financial stability framework, emphasizing three pillars: financial stability, cyber risk, and transmission channels between the two.
-
April 18, 2017: workshop intended to tie together the work on cybersecurity conducted by the financial sector with the long-existing work of academics and financial experts on financial stability and resilience. The output of this workshop would create the agenda for needed research and policy analysis in the field of financial stability implications of cyber risks.
Cyber Risk to Financial Stability: State of the Field Conference
Cyber Risk to Financial Stability: State of the Field Conference
-
28-29 April 2022: The CRFS hosted its third annual State-of-the-Field Conference, in partnership with the Federal Reserve Bank of New York.
The conference will begin with a keynote by Eric Goldstein, Executive Assistant Director for Cybersecurity for the Cybersecurity and Infrastructure Security Agency. This will be followed by a panel discussion on “Geopolitical Cyber Risks to Financial Stability” which will consider the changing landscape ten years after Iran’s ‘Operation Ababil’. Day one will conclude with a fireside chat with Phil Venables, the Chief Information Security Officer for Google Cloud. Day two will focus on industry perspectives, commencing with a keynote by Tammy Hornsby-Fink, the Chief Information Security Officer for the Federal Reserve System.
-
14-15 December 2020: The CRFS hosted its second annual State-of-the-Field Conference partnership with the Federal Reserve Bank of New York.
During the virtual event, academic and industry experts in cybersecurity and financial sectors, came together to discuss the current state of the field, and considered three guiding questions: “What We're Learning?”, “What We're Doing?”, and “What's Next?” in addressing the current and future cybersecurity challenges to the financial sector. The event was a timely discussion on the current state of the field and future steps to be taken, held just days after the disclosure of the Solar Wind cyberattack, in which a hacker group, believed to be affiliated with the Russian government, gained access to the computer systems of multiple U.S. government departments, including the Treasury and Commerce department. Read more about the event on Liberty Street Economics. -
12 April 2019: The CRFS hosted its inaugural State-of-the-Field Conference hosted in partnership with the Federal Reserve Bank of New York.
The day’s discussion focused on the need for a common lexicon to define and classify cyber threats and incidents. That way, the industry as a whole can assess their systemic impact and devise macroprudential risk mitigation solutions. They also highlighted the importance of collaboration and information sharing in this field. Remarks were delivered by Mr. Kevin Stiroh, Executive Vice President of the Financial Institution Supervision Group of the Federal Reserve Bank of New York.
In the News
In the News
-
Synopsis's Software Integrity Blog: Mentioned "The Future of Financial Stability and Cyber Risk" on April 25, 2019. Read here.
Forbes: Katheryn Rosen quoted on the Cyber Threat to US Finance on March 20, 2019. Read here.
International Cybersecurity Dialogue: “The Future of Financial Stability and Cyber Risk” paper featured in the dialogue and praised as “a major contribution to the academy” on November 25, 2018.