Executive Vice President for Technology Risk
Financial Services Roundtable
Acting Director, Office of Critical Infrastructure Protection and Compliance Policy
US Department of the Treasury
Vice President and Regulatory Counsel
Independent Community Bankers of America
Nonresident Senior Fellow, Cyber Statecraft Initiative
Brent Scowcroft Center on International Security
Additional speakers will be announced
The financial industry spends more than any other sector on Internet security. Keeping a focus on resilience, this sector has perhaps the most extensive defenses to deal with threats that range from insiders, to organized crime, fraud, and intrusions, to nation-state sponsored disruptive attacks. With an existing global governance structure, the finance sector is also perhaps the most international of all infrastructure sectors. Yet gaps remain both within systemically critical firms and in the overall system itself, that could initiate or amplify global cyber shocks.
The fifth Cyber Risk Wednesday discussion will focus on cybersecurity challenges facing this sector and methods of reducing the existing and future vulnerabilities.
Cyber Risk Wednesdays event series brings experts from government and industry together with policymakers to examine topics at the core of the Cyber Statecraft Initiative’s study of interrelated cyber hazards and underlying concentrations of risks. The series is designed to expose stakeholders from the technology, policy, and risk management communities to vibrant new cyber topics and provide a venue for the exchange of ideas.
Be part of the conversation and interact with the experts by submitting questions via Twitter at #CyberWednesdays.
About the Project:
Even as more companies and governments are increasingly critically exposed to cyber risks, there has been little thinking on systemic cyber risks. In some ways, this is strikingly similar to how the financial sector handled risks preceding the 2008 crisis. Prior to then, financial risks were assessed one organization at a time, not recognizing how a shock to one sector (subprime mortgages) might cascade to take down everyone else, even those who didn’t own at-risk mortgages. Similarly, cybersecurity professionals follow the same method today, looking at cyber vulnerabilities one organization or one nation at a time, without looking at the systemic risks to the overall system. Strong security may not shield even the best-protected companies from cascading cyber shocks.