Publication Date



Cyber risks are as pervasive as the technology that facilitates their execution. The threat of cyber attacks or plots to deploy cyber weapons against critical government entities, private businesses and domestic and international infrastructure resources creates a most significant risk management concern. Pernicious,perilous and ubiquitous, cyber risks have merged as the newest risk management frontier. While the consequences of cyber attacks against individual financial institutions may be alarming, the interconnectedness of the largest financial institutions in the global economy and their shared dependence on technology render these businesses and the systems that execute their transactions shockingly vulnerable. Because of the unique danger such risks pose in financial markets-threatening the loss of billions of dollars, paralysis of global capital and credit markets and a possible domino-effect of solvency crises among banks and shadow banks-this Essay argues that cyber risks constitute a special class of systemic risks. Indisputably, cyber threats are simply under-theorized. Serving as a pricis to a burgeoning cyber risk management literature, this Essay is among the earliest contributions to explore the intersection between cyber risks and systemic risks in financial markets. This Essay forges a pathway for examining the development of cyber risk regulation and identifying promising opportunities to disarm cyberthreats. This Essay analyzes the various risks that financial institutions face and conventional approaches to manage and mitigate well-known risks. Upon surveying the proposed regulatory and legislative efforts to reduce cyber risks-including the collaborative efforts outlined in the Cybersecurity Information Sharing Act adopted in December of 2015, this Essay rejects the notion that traditional approaches will sufficiently address cyber risk management concerns. This Essay argues that cyber risks require innovative and dynamic strategies that demonstrate the requisite agility to combat cyberthreats.