Fed's Cybersecurity Analytics Support Team monitors cyber-risks and vulnerabilities within the financial sector
Fed experts and others provide tips on how businesses and consumers can protect against cyber intrusions
Like many businesses and governments across the globe, the financial services industry is under a daily barrage of cyberattacks intended to breach firewalls, computers, and vital information systems. While individual commercial banks are responsible for their own cybersecurity, a team of experts within the Federal Reserve’s Supervision and Regulation function supports Fed-supervised financial institutions by monitoring and analyzing the threats they face.
Led by the Federal Reserve Bank of Cleveland, the Cybersecurity Analytics Support Team, or CAST, shares information and conducts training exercises with bank examiners and others across the Federal Reserve System. The team’s goals? To increase knowledge of hacker methods and to communicate common red flags that might indicate a financial institution has been compromised.
Part of CAST’s value is its ability to see the bigger picture, according to Ryan Macfarlane, a supervisory special agent for the FBI’s Cleveland office who works closely with members of the team. “They have threat intelligence inputs, along with knowledge of the financial system infrastructure, allowing them to understand and map out the impact of an incident or active threats. Their perspective is invaluable,” says Macfarlane.
In its latest multimedia storytelling piece, the Cleveland Fed explores how the Cybersecurity Analytics Support Team works to mitigate cybersecurity risks for banks. In addition, CAST members and other experts interviewed for the piece describe common cyber threats and provide tips for protecting against cyber intrusions.
For businesses, the experts recommend, among other things, properly patching and updating networks, encrypting data, using password vaults, and training employees to safeguard against social engineering.
Tips for consumers include keeping up with software updates, using long passwords, and cultivating a healthy suspicion of e-mail attachments and social media direct messages.
“Practicing constant vigilance is key,” notes the Cleveland Fed’s Jason Tarnowski, CAST’s senior officer.
On October 30, 2018, more than 100 bank executives, regulators, and cybersecurity experts from across the country explored the evolving nature of cyberattacks and ways to mitigate them during a cybersecurity conference sponsored by the Federal Reserve Bank of Cleveland, one of the first such conferences hosted within the Federal Reserve System. Discussions ranged from cyberthreat actors and their motivations to the effect of blockchain technology on the financial sector. See “Experts Discuss Cyber-Risks at Cleveland Fed Conference” in The Threats, the Criminals, the Motives—Cybersecurity at the Fed.