The aggregate set of vulnerabilities created when many institutions depend on the same models, vendors, data feeds, or agentic infrastructure, so that a single failure or exploit propagates across all of them at once. Concentration converts idiosyncratic operational risk into correlated, system-wide risk.
How it works
When firms standardise on a handful of common dependencies — the same foundation model, cloud region, market-data vendor, or automated trading agent — the points of entry for failure or attack are no longer firm-specific but shared. A flaw, outage, or adversarial exploit in the common layer hits every dependent simultaneously, turning diversifiable risk into a correlated tail event that defeats firm-level hedging.
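The mechanism above (shared dependencies turning diversifiable risk into a correlated tail event) can be made concrete with a dependency-inventory analysis. The Python below is an added example, not from this glossary or any named project: it builds a blast-radius map from a constructed inventory of five firms and their model, cloud and market-data dependencies (all names and the 1% failure probability are invented sample data), flags dependencies whose failure would hit a majority of firms, and then computes the exact probability that every firm is down at once, first with the shared inventory and then with a counterfactual in which each firm runs a private copy of every dependency.

```python
"""Blast-radius and correlated-failure analysis over a dependency inventory.

Added example (not from the glossary page): the firm names, providers and
failure probability below are constructed sample data.
"""
from collections import defaultdict
from itertools import product

# Constructed sample inventory: firm -> set of (layer, provider) dependencies.
FIRMS = {
    "bank_a":     {("model", "vendor_x"), ("cloud", "region_1"), ("data", "feed_p")},
    "bank_b":     {("model", "vendor_x"), ("cloud", "region_1"), ("data", "feed_q")},
    "broker_c":   {("model", "vendor_x"), ("cloud", "region_2"), ("data", "feed_p")},
    "fund_d":     {("model", "vendor_y"), ("cloud", "region_2"), ("data", "feed_q")},
    "payments_e": {("model", "vendor_x"), ("cloud", "region_1"), ("data", "feed_p")},
}


def blast_radius(firms):
    """Map each dependency to the set of firms that go down if it fails."""
    radius = defaultdict(set)
    for firm, deps in firms.items():
        for dep in deps:
            radius[dep].add(firm)
    return dict(radius)


def concentration_report(firms, threshold=0.5):
    """List (dependency, share of firms hit) for dependencies whose failure
    would hit at least `threshold` of the firms, largest blast radius first."""
    n = len(firms)
    rows = [(dep, len(hit) / n) for dep, hit in blast_radius(firms).items()
            if len(hit) / n >= threshold]
    return sorted(rows, key=lambda row: (-row[1], row[0]))


def p_all_down(firms, p):
    """Exact probability that every firm is down at the same time, assuming each
    distinct dependency fails independently with probability p and a firm is
    down when any of its dependencies has failed. Enumerates all 2^k dependency
    states, so it is meant for small inventories."""
    deps = sorted({d for ds in firms.values() for d in ds})
    total = 0.0
    for state in product((False, True), repeat=len(deps)):
        failed = {d for d, f in zip(deps, state) if f}
        prob = 1.0
        for f in state:
            prob *= p if f else 1 - p
        if all(ds & failed for ds in firms.values()):
            total += prob
    return total


def diversified(firms):
    """Counterfactual inventory in which every firm runs its own private copy of
    each dependency, so no failure is shared (the diversifiable-risk baseline)."""
    return {firm: {(layer, f"{provider}@{firm}") for layer, provider in deps}
            for firm, deps in firms.items()}


if __name__ == "__main__":
    for dep, share in concentration_report(FIRMS):
        print(f"{dep[0]:6} {dep[1]:10} hits {share:.0%} of firms")
    p = 0.01
    shared = p_all_down(FIRMS, p)
    private = p_all_down(diversified(FIRMS), p)
    print(f"P(all firms down) shared={shared:.2e} diversified={private:.2e} "
          f"ratio={shared / private:.0f}x")
```

With the sample inventory, `vendor_x` alone reaches four of the five firms, and the joint-outage probability under the shared inventory is several orders of magnitude above the diversified baseline even though every individual dependency has the same failure rate. That gap is the quantity a risk officer would want to track over a real inventory: it only moves when concentration changes, not when any one firm hardens itself.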
Why it matters now
As agentic AI and a narrow set of model and cloud providers move into production across trading, payments, and risk functions in 2025-2026, the same concentration that drove efficiency now creates a single point of failure that regulators and risk officers are only beginning to stress-test.
Example
The July 2024 CrowdStrike update is the canonical demonstration: a single faulty content file pushed to a widely deployed endpoint agent grounded airlines, halted hospital systems, and disrupted banks worldwide within hours — not because each firm was individually compromised, but because they shared one dependency. The concern for 2026 is the analogous event in shared AI agents executing financial workflows.
Frequently asked
- What is a shared attack surface?
- A shared attack surface is the aggregate set of vulnerabilities created when many institutions depend on the same models, vendors, cloud regions, or agentic infrastructure, so one failure propagates across all of them simultaneously. Concentration converts firm-specific operational risk into correlated, system-wide risk that defeats firm-level hedging. The July 2024 CrowdStrike outage, which grounded airlines and disrupted banks worldwide, is the canonical demonstration.
- Why does a shared attack surface matter for financial stability?
- A shared attack surface matters because it turns diversifiable operational risk into a correlated tail event that no single firm can hedge away. When trading, payments, and risk functions standardise on a narrow set of model and cloud providers in 2025-2026, a flaw in the common layer hits every dependent at once, producing the kind of system-wide disruption regulators historically associated with bank runs or interbank contagion.
- How does a shared attack surface differ from concentration risk?
- A shared attack surface is the technical-dependency expression of concentration risk, focused on the specific entry points an outage or exploit can hit. Concentration risk describes any over-reliance on one counterparty, asset, or provider; shared attack surface narrows that to the vulnerabilities that propagate failure simultaneously across firms sharing the same model, vendor, or agentic stack.
- How does agentic AI increase the shared attack surface?
- Agentic AI increases the shared attack surface because many firms execute financial workflows through the same foundation models, API providers, and automated agents. An adversarial prompt, model update, or upstream outage can then misfire across every dependent desk at once. As agentic systems move into production trading and payments in 2025-2026, regulators and risk officers are only beginning to stress-test this single point of failure.
- Was the 2024 CrowdStrike outage a shared attack surface event?
- Yes, the July 2024 CrowdStrike outage is the canonical shared attack surface event. A single faulty content update pushed to a widely deployed endpoint agent grounded airlines, halted hospital systems, and disrupted banks within hours — not because each firm was individually compromised, but because they shared one dependency. The 2026 concern is an analogous event in shared AI agents executing financial workflows.