The Federal Reserve Bank of New York partnered with Columbia University’s School of International and Public Affairs (SIPA) for the second annual State-of-the-Field Conference on Cyber Risk to Financial Stability on December 14-15, 2020. Hosted virtually due to the COVID-19 pandemic, the conference took place amidst the unfolding news of a cyberattack against a major cybersecurity vendor and software vendor, underscoring vulnerabilities from cyber risk.
Cyber risk poses a major threat to financial stability, yet financial institutions still lack consensus on the definition and terminology around cyber risk, and lack a common framework for confronting these hazards. This impedes efforts to measure and manage such risk, diminishing institutions’ individual and collective readiness to handle system-level cyber threats. In this blog post, we describe the proceedings of a recent workshop, where leading risk managers, academics, and policy makers gathered to discuss proposals for countering cyber risk. This workshop is part of a joint two-phase initiative between the Federal Reserve Banks of Richmond and New York and the Fed’s Board of Governors to harmonize cyber risk identification, classification, and measurement practices.