Fed’s Cybersecurity Analytics Support Team monitors cyber-risks and vulnerabilities within the financial sector

Fed experts and others provide tips on how businesses and consumers can protect against cyber intrusions

Like many businesses and governments across the globe, the financial services industry is under a daily barrage of cyberattacks intended to breach firewalls, computers, and vital information systems. While individual commercial banks are responsible for their own cybersecurity, a team of experts within the Federal Reserve’s Supervision and Regulation function supports Fed-supervised financial institutions by monitoring and analyzing the threats they face.

Led by the Federal Reserve Bank of Cleveland, the Cybersecurity Analytics Support Team, or CAST, shares information and conducts training exercises with bank examiners and others across the Federal Reserve System. The team’s goals? To increase knowledge of hacker methods and to communicate common red flags that might indicate a financial institution has been compromised.

Part of CAST’s value is its ability to see the bigger picture, according to Ryan Macfarlane, a supervisory special agent for the FBI’s Cleveland office who works closely with members of the team. “They have threat intelligence inputs, along with knowledge of the financial system infrastructure, allowing them to understand and map out the impact of an incident or active threats. Their perspective is invaluable,” says Macfarlane.

In its latest multimedia storytelling piece, the Cleveland Fed explores how the Cybersecurity Analytics Support Team works to mitigate cybersecurity risks for banks. In addition, CAST members and other experts interviewed for the piece describe common cyber threats and provide tips for protecting against cyber intrusions.

For businesses, the experts recommend, among other things, properly patching and updating networks, encrypting data, using password vaults, and training employees to safeguard against social engineering.

Tips for consumers include keeping up with software updates, using long passwords, and cultivating a healthy suspicion of e-mail attachments and social media direct messages.

“Practicing constant vigilance is key,” notes the Cleveland Fed’s Jason Tarnowski, CAST’s senior officer.

Read The Threats, the Criminals, the Motives—Cybersecurity at the Fed.

On October 30, 2018, more than 100 bank executives, regulators, and cybersecurity experts from across the country explored the evolving nature of cyberattacks and ways to mitigate them during a cybersecurity conference sponsored by the Federal Reserve Bank of Cleveland, one of the first such conferences hosted within the Federal Reserve System. Discussions ranged from cyberthreat actors and their motivations to the effect of blockchain technology on the financial sector. See “Experts Discuss Cyber-Risks at Cleveland Fed Conference” in The Threats, the Criminals, the Motives—Cybersecurity at the Fed.

Federal Reserve Bank of Cleveland

The Federal Reserve Bank of Cleveland is one of 12 regional Reserve Banks that along with the Board of Governors in Washington DC comprise the Federal Reserve System. Part of the US central bank, the Cleveland Fed participates in the formulation of our nation’s monetary policy, supervises banking organizations, provides payment and other services to financial institutions and to the US Treasury, and performs many activities that support Federal Reserve operations System-wide. In addition, the Bank supports the well-being of communities across the Fourth Federal Reserve District through a wide array of research, outreach, and educational activities.

The Cleveland Fed, with branches in Cincinnati and Pittsburgh, serves an area that comprises Ohio, western Pennsylvania, eastern Kentucky, and the northern panhandle of West Virginia.

Media contact

Doug Campbell, doug.campbell@clev.frb.org, 513.455.4479