He discussed the importance of measuring cyber risk, highlighted some challenges that financial institutions face in measuring cyber risk, and assessed several leading cyber-risk management methodologies. Fox also provided some recommendations for bank exams and insights into how federal agencies might begin to quantify systemic cyber risk. This paper summarizes Fox’s presentation and is supplemented by additional research.