Sarah J. Dahlgren, executive vice president and member of the Bank’s Management Committee, head of the Financial Institution Supervision Group at the Federal Reserve Bank of New York – Remarks at the OpRisk North America Annual Conference, New York City:

I am often asked about my list of “things that keep me awake at night,” and I think it’s fair to say that cybersecurity is at the top of that list—as I’m sure it is for many of you in this room. In fact, I think cybersecurity is one of the topics that should be on everyone’s list—from the most senior managers and boards of directors, all the way down to line managers. Cybersecurity is not a topic or an issue just for the Information Technology staff or the CIO to address; it is a risk that isn’t exclusive in who, what or where it targets.

• It is a risk that is difficult to clearly define.
• It is a risk that is constantly evolving.
• It is a risk that is not limited to one source.
• It is a risk that is faced by every single financial firm, regardless of size or complexity.
• In fact, it is a risk that is faced by every business, organization, school, church or group that uses technology. In other words, no company is immune (unless, of course, you operate an all cash business from a brick and mortar store and keep your earnings under your mattress—not something we see a lot of in today’s world).”