While individual commercial banks are responsible for their own cybersecurity, the Federal Reserve System’s Supervision and Regulation Cybersecurity Analytics Support Team, or CAST, supports Fed-supervised institutions by monitoring and analyzing the threats they face. “Understanding cyberthreats against the financial sector, along with threats against other critical infrastructure components that could indirectly affect the sector, is extremely important,” says Jason Tarnowski, CAST’s senior officer. “It provides for more timely coordination with our financial institutions and our supervisory response.”
Understanding cyberthreats against the financial sector, along with threats against other critical infrastructure components that could indirectly affect the sector, is extremely important. It provides for more timely coordination with our financial institutions and supervisory response.
Jason Tarnowski, vice president of Risk Supervision and Surveillance, Federal Reserve Bank of Cleveland
Led by the Cleveland Fed and based in its Supervision and Regulation group, CAST assists bank supervision across all 12 Reserve Banks. The team’s members have backgrounds in business and military intelligence and expertise in cyberwarfare, banking supervision, and information technology.
CAST members analyze cyber events and threats of all varieties—from high-impact cyber events that result in the loss of large amounts of sensitive data or money to low-impact threats that have little effect on financial stability or data security. Information is shared with bank examiners and others throughout the Federal Reserve System to address such events and to evaluate how threats are evolving, what new trends are emerging, and how similar attacks might unfold in the future. The goals are to increase knowledge of hacker methods and to communicate common red flags that might indicate an institution has been compromised.
CAST regularly briefs Federal Reserve System examiners on cybersecurity threats and incidents to ensure readiness and foster improved coordination of response efforts across the financial system. “CAST plays a vital role in assessing the severity of cyberattacks to the financial sector,” says Dr. Nida Davis, associate director at the Board of Governors of the Federal Reserve System. “Nobody can stop threats; what we can do is mitigate them. The nature of this work is 24/7, and we need as many qualified cyber experts on hand as possible. CAST has that expertise, which is why they are such a valuable partner in this fight.”
Nobody can stop threats; what we can do is mitigate them. The nature of this work is 24/7, and we need as many qualified cyber experts on hand as possible.
Dr. Nida Davis, associate director, Board of Governors of the Federal Reserve System
The team coordinates training exercises with regulators and banks that mimic real cybersecurity attacks and thrust participants into complex, high-pressure simulations that require quick decisionmaking.
Part of CAST’s value is its ability to see the bigger picture, according to Ryan Macfarlane, a supervisory special agent for the FBI’s Cleveland office who works closely with members of the team. Because the Fed’s people supervise many banks and other financial organizations, they have a broader perspective of the threat landscape that means “they can often shed more light onto the level of severity of an incident,” says Macfarlane. “Too often, organizations will just slap a bandage on the problem without really trying to understand the issue. This behavior opens your organization up for future vulnerability and, potentially, further loss of assets.”
This frontier continues to change dynamically, and the Fed makes sure they have the right talent at the table with the knowledge to understand the balance it takes to simultaneously offer financial services and protect client data.
Deborah Guild, chief security officer, PNC Bank
“They [CAST] have threat intelligence inputs, along with knowledge of the financial system infrastructure, allowing them to understand and map out the impact of an incident or active threats. Their perspective is invaluable,” says Macfarlane.
CAST also understands that financial institutions need to maintain critical business functions even as they fend off hackers, says Deborah Guild, PNC Bank’s chief security officer. “This frontier continues to change dynamically, and the Fed makes sure they have the right talent at the table with the knowledge to understand the balance it takes to simultaneously offer financial services and protect client data,” Guild says.