Michael Barr, Vice Chair for Supervision at the Board of Governors of the Federal Reserve System, addressed the importance of the conference and continuing the important collaboration to better quantify cyber risk in his day two opening remarks. “Forums like today's conference are critical to improve how we think about and measure the presence of cyber risk in financial markets. The ability to better measure cyber risk will allow banks and supervisors to improve their understanding of the direct and indirect costs of a cyber disruption. An incident poses direct costs on an affected bank and its customers, as well as indirect costs to other market participants who are connected to the affected bank …
“Despite progress in recent years, techniques to quantify cyber risk are still at a nascent stage, in part because of a lack of good data,” Barr explained. “Better data on cyber threats and vulnerabilities will enable us to identify and assess threats to banks and the financial system. In addition, improved data on interconnectedness between financial institutions and service providers will help identify and measure the impact of an incident on the broader financial system. The ability to quickly identify patterns, connections, and vulnerabilities will enable quick response, and may mean the difference between a controlled event and one that has a serious impact. We are supporting efforts to further study this subject through public-private coordination groups. In addition, cyber incident reporting will provide better data on the frequency, severity, and locality of cyber incidents that will enhance our collective ability to respond to these events.”
“Through our partnership with MIT and the Board of Governors, we are bringing together a group of researchers and practitioners focused on how financial institutions can measure and manage cyber risk,” shared Jeff Gerlach, Vice President of the Richmond Fed’s Quantitative Supervision and Research unit. “Plans already are underway for a third conference sometime in the spring of 2025. I’m excited to see what this developing community can accomplish going forward.”
An important part of the Fed’s role in helping to ensure a safe, sound and stable banking and financial system is the supervision of banks’ cyber risk management practices. At the Richmond Fed, our Supervision, Regulation and Credit team conducts research on cyber risk and partners with the Board of Governors and other Reserve Banks across the Federal Reserve System to provide financial institutions with resources and training opportunities to complement their cyber risk practices.
Learn more about our supervision and regulation work here.