HOME OF FAIR

THE STANDARD QUANTITATIVE MODEL FOR INFORMATION SECURITY AND OPERATIONAL RISK

Join leading information risk, cybersecurity and business executives to collaborate on the development and the sharing of industry-leading best practices for quantifying and managing information risk.

A STANDARD BY
partners_12
TECHNICAL ADVISOR
partners_09
SPONSORS
partners_09
EDUCATION PARTNERS

partners_03      partners_06      partners_17       FAIR_yellow_49                        

RECENT BLOGS

3 Ways to Gather Loss Magnitude Data (from Your Cubicle)


A while back I wrote a post called The Dangers of Being a Cubicle Risk Analyst.  The premise being that a good risk analyst could not gather all of the information necessary to run a sound and defensible risk analysis from what they could gather in their four walls.  A good risk analyst ventures out to gather both loss event frequency and loss magnitude data from those in the know throughout the organization. 

Read More >>

How to Analyze Your Risk from GDPR: A FAIR Approach

As the final months approach before the EU's General Data Protection Regulation (GDPR) goes into effect in May, 2018, organizations are making significant investments to ensure they are prepared for the changes to come, particularly the strict rules on handling consumers’ personally identifiable information (PII).

Read More >>

To Bring Value in a Risk Analysis, Tell a Story and Provide a Solution

Imagine this – an issue is assigned to your risk analyst team, either by your management, someone in the business, or perhaps it's some area of weakness your own team identified. After completing the analysis, now it's time to prepare a presentation on the risk results.

Read More >>

SEE ALL BLOGS

POPULAR BLOGS

Post Image
5 Must Read Books to Jumpstart Your Career in Risk Management

What are the must have resources for people new to operational and cyber risk? This list outlines what books I would recommend to new analyst or manager.

They’re not ranked by which book is best....

Read More >>
Post Image
What is a Cyber Value-at-Risk Model?

Over the past year, executive teams and board members across multiple industries have started to ask questions more forcefully about the risk posed by cybersecurity attacks. They are no longer...

Read More >>
Post Image
NIST CSF & FAIR - Part 1

The question often arises, “How is FAIR different from (or better than) a framework like NIST’s Cybersecurity Framework (CSF)?” The simple answer is: FAIR isn’t inherently better or worse; it is...

Read More >>

Take Your Career to the Next Level with FAIR Training!

After completing the FAIR Analysis Fundamentals course, analysts will be able to run quantitative risk analyses and inform better decision-making in their organization.

Learn more about FAIR Training today!