Cyber Threats: The Financial System’s Top Risk

[ This article was originally published here ]

60 Minutes Jerome PowellWith cyber attacks against financial and banking institutions now a daily occurrence, cyber threats have become the biggest risk to the global financial system, according to Federal Reserve Chairman Jerome Powell.

During an interview on CBS News’ 60 Minutes, Powell said cyber risks surpass even the types of lending and liquidity risks that led to the Great Recession in 2008. The chances of a financial collapse akin to 2008 are “very low,” he said. “But the world changes, the world evolves, and the risks change as well. The risk we keep our eyes on the most is cyber risk.”

If hackers succeeded in shutting down a major payment processor, which would seriously disrupt the flow of money between financial institutions, it could bring large sectors of the overall financial system to their knees, he said.

"We spend so much time and energy and money guarding against these things,” Powell said during 60 Minutes episode that aired April 11. “There are cyber attacks every day on all major institutions now. That’s a big part of the threat picture in today’s world.” Both the federal government and private institutions are putting a lot of effort into protection against cyber threats, he said.

Powell reiterated his cyber risk comments on April 14 during an interview with David Rubenstein at the Economic Club of Washington D.C. 

The Great Recession resulted from banks and mortgage lenders approving risky mortgages that they then resold to other financial institutions. The practice caused housing prices to skyrocket but also created unsustainable risks for lenders, some of which failed, causing a global financial collapse.

That Powell now considers cyber risks a greater threat than an occurrence similar to what caused the 2008 collapse underscores just how dangerous the cyber threat landscape has become. The International Monetary Fund estimates that cyber threats can cost banks 9% of their net income globally, which adds up to about $100 billion.

Cyber risks are compounded by the challenge of hiring qualified professionals to build cybersecurity teams. It’s a challenge that affects organizations across the board, not just financial institutions.

(ISC)² estimates the cybersecurity skills gap is now about 3 million worldwide. To help organizations in all sectors build skilled cybersecurity teams, (ISC)² has published an enterprise training program guide, which you can download here.