Cyber Risk to Financial Stability: State of the Field Conference
Conference Program and Agenda
The Second Annual Cyber Risk to Financial Stability will generate a robust discussion led by experts across the financial and cybersecurity fields and government, academic, and private sectors. Members of the CRFS Project and partners at the Federal Reserve Bank of NY will serve as moderators of each panel. They will draw on CRFS’s research, publications, and lessons learned from previous workshops to guide the conversation.
The conference will begin with a fireside chat with Arthur Lindo, Deputy Director for Supervision at the Federal Reserve Board of Governors, moderated by SIPA’s Dean Merit Janow. Then, it will turn to initiatives underway in the industry to manage cyber risks, including panels on “What We’re Learning?”, “What We’re Doing?” and “What’s Next?” in managing and mitigating cyber threats to financial stability.
9:00am – 10:00am: Conversation with Arthur Lindo, Deputy Director, Regulation and Supervision, Federal Reserve Board and Merit Janow, Dean, School of International and Public Affairs, Columbia University *This session is under the Chatham House rule
10:15am - 11:30am: What We're Learning? panel to present views by those who have recently written on the issue of financial stability and cyber risk.
- Moderator: Anna Kovner, Policy Leader for Financial Stability, Federal Reserve Bank of New York
- Leonardo Gambacorta, Head, Innovation and the Digital Economy Monetary and Economic Department, Bank for International Settlements
- Michael Junho Lee, Economist, Money and Payments Studies Function Research and Statistics Group Federal Reserve Bank of New York
- Leroy Terrelonge III, AVP, Cyber Risk Analyst, Moody's Investors Service
- Jonathan Welburn, Operations Researcher, Professor RAND Graduate School
9:00am - 9:15am: Introduction by Jason Witty, Head of Cybersecurity & Technology Controls, CISO, JPMorgan Chase *This session is under the Chatham House rule
9:15am - 10:15am: What We're Doing? panel to address public sector and private sector efforts to identify risk and build resiliency.
- Moderator: Patricia Mosser, Director, MPA Program in Economic Policy Management; Senior Research Scholar, School of International and Public Affairs
- Arthur Nelson, Research Analyst Cyber Policy Initiative, Carnegie Endowment for International Peace
- Greg Rattray, Senior Fellow, Adjunct Senior Research Scholar of International and Public Affairs
- Yeow Seng Tan, Executive Director, Technology Risk, and Payments Department and Chief Cyber Security Officer, Monetary Authority of Singapore
10:30am - 11:30am: What's Next? to discuss higher-level prescriptions (operational, technological, and policy) to address cyber risk to financial stability.
- Moderator: Jason Healey, Senior Research Scholar, School of International and Public Affairs
- Jeremy Brotherton, National Incident Response Team, Federal Reserve Bank of NY
- Alexandra Friedman, Deputy Director, Office of Cybersecurity and Critical Infrastructure Protection, U.S. Department of the Treasury
- Barry Pavel, Senior Vice President and Director, Scowcroft Center for Strategy and Security, Atlantic Council
National Incident Response Team, Federal Reserve Bank of New York
Jeremy Brotherton joined the Federal Reserve Bank of San Francisco in 2007 as a senior analyst in the National Incident Response Team (NIRT), which operates as a cyber fusion center for the Federal Reserve System. He joined the Federal Reserve Bank of New York in 2017 as an officer and was selected as head of the function in 2019. He is currently Group Vice President at the Federal Reserve Bank of Richmond where he continues to lead the NIRT reporting to the System’s Chief Information Security Officer. Mr. Brotherton holds a bachelor’s degree in Computer Engineering from Iowa State University and a master’s degree in Computer Science from Stanford University.
Deputy Director, Office of Cybersecurity and Critical Infrastructure Protection
Allie Friedman is the Deputy Director of the U.S. Department of the Treasury’s Office of Cybersecurity and Critical Infrastructure Protection (OCCIP). Ms. Friedman leads the risk management and resilience team, working with public and private sector stakeholders to enhance the security and resilience of the financial service sector and reduce operational risk. In her role as deputy director, Ms. Friedman leads a team of policy advisors, risk management specialists, and cyber intelligence analysts to identify and mitigate systemic cyber risks and financial infrastructure vulnerabilities, engage financial institutions and financial regulators, and share information and drive operational and analytic collaboration. She also leads OCCIP’s participation in interagency efforts with the National Security Council and DHS, and its engagement with Congress. Prior to her role at Treasury, Ms. Friedman served as a senior policy advisor in the Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC), where she led efforts at the intersection of cybersecurity policy and operations via the NCCIC’s participation in interagency planning and policy development, through the National Security Council. Ms. Friedman holds a master’s degree in Public and International Affairs from the University of Pittsburgh and a bachelor’s degree in Women Studies from the State University of New York at Purchase.
Head, Innovation and the Digital Economy, Monetary and Economic Department, Bank for International Settlements
Leonardo Gambacorta is the Head of the Innovation and the Digital Economy unit at the BIS. Before taking up his current position, Leonardo was Research Adviser (2014-2018) and Head of Monetary Policy (2010-12) in the Monetary and Economic Department. Previously, he was Head of the Money and Credit Unit (2007-09) and Head of the Banking Sector Unit (2004-06) of the Research Department of the Bank of Italy. He was a visiting scholar at the National Bureau of Economic Research (2002-03). He holds an MSc in Economics from the University of Warwick and a PhD in Economics from the University of Pavia. His main interests include monetary transmission mechanisms, the effectiveness of macroprudential policies in curbing systemic risk, and the effects of technological innovation on financial intermediation. He is a research fellow of the Centre for Economic Policy Research.
Michael Junho Lee
Economist, Money and Payments Studies Function Research and Statistics Group, Federal Reserve Bank of New York
Michael Lee is a Financial Economist in the Research and Statistics Group of the Federal Reserve Bank of New York. His research interests include corporate finance, financial markets, and financial institutions. Michael completed his Ph.D. in Finance from the Wharton School at the University of Pennsylvania in May 2016.
Research Analyst Cyber Policy Initiative, Carnegie Endowment for International Peace
Arthur Nelson is a research analyst in Carnegie’s Cyber Policy Initiative. He works on international cybersecurity and technology policy issues, including encryption policy, cybersecurity in the context of the financial system, and the geopolitical dimensions of fintech. Prior to Carnegie, he worked on election security issues at Elections Ontario.
Senior Vice President and Director, Scowcroft Center for Strategy and Security, Atlantic Council
Barry Pavel is senior vice president and director of the Scowcroft Center for Strategy and Security at the Atlantic Council, focusing on emerging security challenges, defense strategies and capabilities, and key European and global defense issues. Prior to joining the Atlantic Council, he was a career member of the Senior Executive Service in the Office of the Under Secretary of Defense for Policy for almost eighteen years. From October 2008 to July 2010, he served as the special assistant to the President and senior director for defense policy and strategy on the National Security Council (NSC) staff, serving both President George W. Bush and President Barack Obama. In this capacity, Pavel led the development of five of the first eight Obama Administration Presidential Study Directives. He was the initiator and architect of the NSC’s first-ever National Security Priorities Review and a key contributor to the President’s 2010 National Security Strategy. He led the NSC’s oversight of the four Defense Department strategic reviews (the Quadrennial Defense Review, Nuclear Posture Review, Ballistic Missile Defense Review, and Space Posture Review), including the President’s September 2009 decision on European missile defense and all presidential decisions on nuclear policy and posture; co-led the development of the president’s June 2010 National Space Policy; and contributed to the president’s policies on Europe and NATO, Korea, cyberspace, Defense Department operational plans and activities, military family policy, and other matters.
Pavel holds an MA in security studies and an MPA in international relations from Princeton University’s Woodrow Wilson School, and a BA in applied mathematics and economics from Brown University. While at Princeton, he was a founding editorial board member of the Journal of Public and International Affairs. He also served in the Office of the Defense Advisor, US Mission to NATO, and as a consultant to the Congressional Office of Technology Assessment.
Senior Fellow, Adjunct Senior Research Scholar, School of International and Public Affairs
Partner/Co-Founder NEXT PEAK, and Senior Advisor on Cyber Risk Management and Cyber Defense for Oliver Wyman. Greg previously served as the Global Chief Information Security Officer (CISO) at JPMorgan Chase and established their cyber defense strategy and program. As head of Global Cyber Partnerships, he led key industry initiatives including the establishment of the Financial Systemic Analysis and Resiliency Center (FSARC) and the Financial Cybersecurity Profile. Prior to JPMC, Greg was a founding partner and CEO of Delta Risk LLC, a cybersecurity risk management. He served as the ICANN Chief Internet Security Advisor from 2007-2010. He has also served as Director for Cybersecurity in the White House, commanded the Operations Group of the Air Force Information Warfare Center, pioneered the Department of Defense (DoD) and US national cyber exercise programs, and initiated Air Force and DoD partnership with the defense industry. He is a thought leader, author, and currently an adjunct professor at Columbia University.
Tan Yeow Seng
Executive Director, Technology Risk and Payments Department and Chief Cyber Security Officer, Monetary Authority of Singapore
Tan Yeow Seng heads the MAS Technology and Cyber Risk Department which is responsible for developing cybersecurity strategy and policies for the financial sector and supervising financial institutions’ technology risk management. In November 2017, Yeow Seng was appointed as MAS’ Chief Cyber Security Officer (CCSO) whose role involves strengthening the cyber resiliency of MAS and the financial sector. Before assuming his current role, Yeow Seng headed both the MAS Technology Risk Supervision Division and the Technology and Infrastructure Office which is part of the MAS FinTech and Innovation Group. In his technology risk supervision role, he led a team of specialists to perform supervision of technology risk management and cybersecurity practices in financial institutions. In the FinTech area, Yeow Seng was responsible for regulatory policies and strategies for developing safe and efficient technology enabled infrastructures for the financial sector.
Leroy Terrelonge III
AVP–Cyber Risk Analyst, Moody's Investors Service
Leroy Terrelonge is an Assistant Vice President in MIS’ Cyber Risk Group, where he
Jonathan William Welburn
Operations Researcher Professor, RAND Graduate School
Jonathan Welburn is a RAND researcher in the fields of operations research and computational economics and teaches at the Pardee RAND Graduate School. His research explores the topics of systemic risk in economic systems, supply chain risks, cyber security, and deterrence with the central theme of elucidating the spread of risk in complex and interdependent systems and potential policy solutions. Ph.D. in decision science & operations research, University of Wisconsin – Madison; BSc in industrial & systems engineering and economics, University of Wisconsin – Madison.
Speaker and Moderator Biographies
Senior Research Scholar and Adjunct Professor, School of International and Public Affairs, Columbia University
Jason Healey is Senior Research Scholar at Columbia University’s School of International and Public Affairs and Non-Resident Senior Fellow with the Cyber Statecraft Initiative of the Atlantic Council. Previously, he was vice-chairman of the Financial Services Information Sharing and Analysis Center and director for cyber policy at the White House.
Merit E. Janow
Dean, School of International and Public Affairs; Professor of Professional Practice, International Economic Law & International Affairs, Columbia University
Merit E. Janow is an internationally recognized expert in international trade and investment. At Columbia University, Professor Janow became Dean of Columbia University’s School of International and Public Affairs (SIPA) in July 2013 after serving as a Professor at SIPA and Columbia Law School. She has written three books and numerous articles and frequently speaks before business, policy, and academic audiences around the world. Professor Janow has had several periods of government service. She served for four years as one of the seven Members of the World Trade Organization’s (WTO) Appellate Body, which is the court of final appeal for adjudicating trade disputes between the 153 member nations of the WTO. From 1997 to 2000, she served as the Executive Director of the first international antitrust advisory committee to the Attorney General and the Assistant Attorney General for Antitrust, US Department of Justice. Prior to joining Columbia’s faculty, Professor Janow was Deputy Assistant U.S. Trade Representative for Japan and China (1989-93). She was responsible for developing, coordinating and implementing U.S. trade policies and negotiating strategies towards Japan and China. Professor Janow negotiated more than a dozen trade agreements with Japan and China. Professor Janow is on the Board of Directors of several technology and financial services corporations including the American Funds, Trimble Co., and MasterCard. In 2009, she became a charter member of the International Advisory Council of China’s sovereign wealth fund, CIC. Early in her career, Professor Janow was a corporate lawyer specializing in cross-border mergers and acquisitions with Skadden, Arps, Slate, Meagher & Flom in New York. She grew up in Tokyo, Japan and is fluent in Japanese. She has a JD, Columbia Law School and a BA in Asian Studies, University of Michigan.
Policy Leader for Financial Stability, Federal Reserve Bank of New York
Anna Kovner is the Policy Leader for Financial Stability. Her policy work focuses on financial stability including financial intermediation and systemic risk. Her research focuses on topics in corporate finance, including banking and venture capital. Her articles have been published in the Journal of Finance, Journal of Financial Economics, and the Journal of Financial Intermediation, among other journals. Prior to graduate school, she worked as a financial analyst. She received an AB in Economics from Princeton, an MBA from Harvard Business School where she was a Baker Scholar, and her PhD in Business Economics from Harvard University.
Arthur W. Lindo
Deputy Director for Policy, Division of Supervision and Regulation, Federal Reserve Board
Arthur Lindo (Art) is the Deputy Director for Policy in the Federal Reserve Board's Division of Supervision and Regulation. His principal responsibilities include overseeing the development and assessment of the effectiveness of Board regulations and policies affecting the financial services sector and coordinating the Board’s domestic and international regulatory programs. He also advises the Board on emerging policy matters that have implications for the supervision and regulation of the financial services sector. He is an active participant in various committees in the Federal Reserve System and is the Chairman of the Appraisal Subcommittee of the Federal Financial Institutions Examination Council (FFIEC) and the Chairman of the Basel Committee’s Operational Resiliency Working Group. Art has a BA in Accounting from the Catholic University of America and an MBA in Finance from George Washington University.
Director, MPA Program in Economic Policy Management and Senior Research Scholar, School of International and Public Affairs, Columbia University
Patricia Mosser is Senior Research Scholar at Columbia University’s School of International and Public Affairs and Director of the MPA in Economic Policy Management as well as the school’s Initiative on Central Banking and Financial Policy. Previously she was a senior official at the Federal Reserve Bank of New York and head of the Research and Analysis Center at the Office of Financial Research, U.S. Treasury.
Head of Cybersecurity & Technology Controls, CISO, JPMorgan Chase
Jason Witty is the Head of Cybersecurity & Technology Controls and Global Chief Information Security Officer for JPMorgan Chase with responsibility for the firm’s cybersecurity, technology controls and resiliency programs. Jason has 25 years of Information Technology experience, 23 of which focused on information risk management. He is a certified Information Systems Security Management Professional who has held major leadership roles in information security. Prior to JPMorgan Chase, Jason was the CISO at U.S. Bancorp and Senior Vice President and Cyber Threat Prevention Services Executive at Bank of America. Jason serves as the Financial Services Information Sharing and Analysis Center (FS-ISAC) Chair and previously was the Sector Chief for Financial Services in FBI Chicago’s InfraGard program.
- Leonardo Gambacorta: The drivers of cyber risk. and Operational and cyber risks in the financial sector.
- Michael Junho Lee: Cyber Risk and the U.S. Financial System: A Pre-Mortem Analysis
- Johnathan Welburn: Systemic Risk in the Broad Economy, Systemic Cyber Risk and Aggregate Impacts, and more Research
- Arthur Nelson: International Strategy to Better Protect the Financial System Against Cyber Threats
- International Monetary Fund: Cyber Risk and Financial Stability: It’s a Small World After All and Cyber Risk Surveillance: A Case Study of Singapore
- Atlantic Council: Dynamic Stability: US Strategy for a World in Transition, Beyond Data Breaches: Global Interconnections of Cyber Risk, Shaping the Post-COVID World Together, and Breaking Trust: Shades of Crisis Across an Insecure Software Supply Chain
- Research undertaken by SIPA's CRFS project can be found here:
The Cyber Risk to Financial Stability project is a partnership between
- Columbia University, Technology and Policy Initiative, Cyber Program
- Columbia University, Initiative on Central Banking and Financial Policy
This event is organized in partnership with the
Conference Welcome and Introduction - Dean Merit Janow and Jason Healey
What We're Learning?
Brief Introduction - Patricia Mosser
What We're Doing?