Project on Cyber Risk to Financial Stability

Published by The Capco Institute Journal in May 2021. It builds on the 2018 "Future of Financial Stability and Cyber Risk" publication, by developing a unique framework to assist analysts trying to assess how specific cyber risks might affect financial stability.

Learn more here »

Published by the Brookings Institution in October 2018. It provides a general review of cyber risk to financial stability, contains a primer on financial stability and cyber risks, and highlights how cyber risks are different from other systemic financial risks. It also summarizes previous reports and efforts of policymakers and industry addressing these issues.

Learn more here »

Examines the growing momentum around the world to bring the cybersecurity and financial stability communities closer together to be better able to manage cyberattacks on banks and other institutions of the global financial system.

Learn more here »

Susan Hennessey spoke to Katheryn Rosen, Jason Healey, and Patricia Mosser. They talked about how to understand financial stability, the unique risks that cyber threats pose to it, and what gaps remain in how to mitigate those risks.

Learn more here »

June 13-14, 2019: Katheryn Rosen participated in the SEACEN Policy Summit on Central Bank Leadership in Combating Cyber Risk that brought together senior central bank and monetary authority officials, private sector representatives, chief information security officers (CISOs), and academics with regional and global thought-leaders to discuss pressing issues relating to cybersecurity, identify challenges and possible solutions, and foster networks that will help put central banks and monetary authorities in the vanguard against these looming threats.

October 10, 2018: the Atlantic Council’s Cyber Statecraft Initiative convened key stakeholders from the financial, governmental and academic communities to convene for the release of a joint report by the Brookings Institution and Columbia University’s School of International and Public Affairs, The Future of Financial Stability and Cyber Risk. The panel was moderated by Katheryn Rosen, a Senior Fellow at the Atlantic Council’s Cyber Statecraft Initiative and a Senior Research Scholar at Columbia University School of International and Public Affairs. 

July 10, 2018: workshop further developed the conceptual framework established in the previous gathering and explored amplifiers and dampeners of risk by focusing on a single market - the US treasury securities market.

May 10, 2018: SIPA hosted the first of two workshops that began the process to devise and refine a cyber risk and financial stability framework, emphasizing three pillars: financial stability, cyber risk, and transmission channels between the two. 

April 18, 2017: workshop intended to tie together the work on cybersecurity conducted by the financial sector with the long-existing work of academics and financial experts on financial stability and resilience. The output of this workshop would create the agenda for needed research and policy analysis in the field of financial stability implications of cyber risks.

28-29 April 2022: The CRFS hosted its third annual State-of-the-Field Conference, in partnership with the Federal Reserve Bank of New York.

The conference will begin with a keynote by Eric Goldstein, Executive Assistant Director for Cybersecurity for the Cybersecurity and Infrastructure Security Agency. This will be followed by a panel discussion on “Geopolitical Cyber Risks to Financial Stability” which will consider the changing landscape ten years after Iran’s ‘Operation Ababil’. Day one will conclude with a fireside chat with Phil Venables, the Chief Information Security Officer for Google Cloud. Day two will focus on industry perspectives, commencing with a keynote by Tammy Hornsby-Fink, the Chief Information Security Officer for the Federal Reserve System.

14-15 December 2020: The CRFS hosted its second annual  State-of-the-Field Conference partnership with the Federal Reserve Bank of New York.
During the virtual event, academic and industry experts in cybersecurity and financial sectors, came together to discuss the current state of the field, and considered three guiding questions: “What We're Learning?”, “What We're Doing?”, and “What's Next?” in addressing the current and future cybersecurity challenges to the financial sector. The event was a timely discussion on the current state of the field and future steps to be taken, held just days after the disclosure of the Solar Wind cyberattack, in which a hacker group, believed to be affiliated with the Russian government, gained access to the computer systems of multiple U.S. government departments, including the Treasury and Commerce department. Read more about the event on Liberty Street Economics.

12 April 2019: The CRFS hosted its inaugural State-of-the-Field Conference hosted in partnership with the Federal Reserve Bank of New York.
The day’s discussion focused on the need for a common lexicon to define and classify cyber threats and incidents. That way, the industry as a whole can assess their systemic impact and devise macroprudential risk mitigation solutions. They also highlighted the importance of collaboration and information sharing in this field. Remarks were delivered by Mr. Kevin Stiroh, Executive Vice President of the Financial Institution Supervision Group of the Federal Reserve Bank of New York.

Synopsis's Software Integrity Blog: Mentioned "The Future of Financial Stability and Cyber Risk" on April 25, 2019. Read here.

Forbes: Katheryn Rosen quoted on the Cyber Threat to US Finance on March 20, 2019. Read here.

International Cybersecurity Dialogue: “The Future of Financial Stability and Cyber Risk” paper featured in the dialogue and praised as “a major contribution to the academy” on November 25, 2018.