This month’s FAIR Institute Data Utilization and Cyber Risk workgroup calls had excellent attendance and some great dialog. I’m always pleased/impressed with the quality of thinking people bring to the these calls.
During the March meeting of the Operational Risk Workgroup, the members took on a project to recast a list of top operational risks using the FAIR risk model. Every year, you’ll find numerous lists of supposed “top risks” from analysts, surveys, professional organizations, etc. with something in common: They don’t actually provide true risks.
Every year the masses of information security professionals gather at the Moscone Center in San Francisco for the RSA Conference looking for opportunities to learn from peers and discuss their latest challenges, and this year was no different. I had the privilege to share my own perspective as a speaker in the GRC track.
“Likelihood” is one of those words, like “risk” itself, that appears repeatedly in the risk management literature but casts as much shadow as light on the subject. In this article, we’ll see that likelihood is a probability, and why it is sometimes best expressed as an expected frequency of occurrence.
In this short 5 min video, FAIR author Jack Jones gives an overview of the FAIR model for risk measurement and management, the training opportunities for FAIR and the professional organization, the FAIR Institute.
Listen carefully around the halls of the Moscone Center and you could hear a shift in the buzz at this year’s RSA Conference, compared to years past.
“When will you be home?”
I have finally learned how to respond to text messages like this – and more pointedly how not to.
If you weren't able to make it to San Francisco for both the FAIR Institute Breakfast Meeting and RSA Conference 2017, here is your chance to hear Jack Jones' presentation on the characteristics of a risk-aligned leader.
Just one year old, the FAIR Institute has hit 1,000 members, including cyber and operational risk executives from some of the biggest names in corporate America and the public sector.
Last time on "A Year in the Life of OpenFAIR," we covered the establishment of an internal risk triage tool that my firm developed.