Federal Reserve researchers Jin‑Wook Chang, Jacob Dice, Shengwu Du, Adam Flury, Sam Jerow, Seung Jung Lee, Stacey Schreft, and Craig Vandre released a study on November 25, 2025, analyzing cyber vulnerabilities across the 100 largest U.S. banks, non‑bank financial institutions (NBFIs), and their third‑party service providers. The proprietary cyber risk analytics model found that NBFIs exhibit greater vulnerabilities than banks, though banks suffer larger relative losses from routine incidents. The analysis highlights third‑party providers as a hidden fault line, often having greater vulnerabilities than the institutions they serve and creating systemic risks. Scenario simulations of catastrophic cyber events targeting these providers indicate potential losses up to about 60 times larger than routine incidents for both large banks and NBFIs, with business interruptions driving most losses.
https://www.federalreserve.gov/econres/feds/cyber-vulnerabilities-at-large-US-financial-institutions-and-their-third-party-service-providers.htm
Made by AI. If you spot anything of concern write us at contact@cybach.com. We’ll promptly correct irregularities.