For a quick introduction to cybersecurity law, take a listen to a new webcast from Evolver, a FAIR-powered consultancy that specializes in legal tech, cyber insurance and other info-risk concerns.
On his recent FAIR Institute Cyber Risk Workgroup Call (membership required), FAIR model creator Jack Jones fielded this question: If you had to judge an organization in terms of how well it manages risk using just one metric, what one metric would you use?
If you practice risk management in a regulated industry, particularly finance, you’ll want to watch this video of a discussion at the recent FAIR Conference 2017 in Dallas that brought together veteran regulators from the Federal Reserve and Office of Comptroller of the Currency (OCC), plus an insurance company attorney and privacy officer.
Welcome the United Arab Emirates to the FAIR Institute’s global network—the Abu Dhabi Chapter holds its first meeting this week, thanks to the work of organizer Osama Salah.
FAIR leaders from Walmart, Chevron and Hewlett Packard Enterprise sat down with FAIR creator Jack Jones for a panel discussion at the recent FAIR Conference 2017 to talk over the unavoidable mindset changes that go along with successfully introducing the FAIR risk model to an organization.
“It’s relatively rare that you get security leaders and board members together on a panel to talk about things,” says Wade Baker, who moderated “What CISOs Need to Tell the Board About Cyber and Technology Risk” panel discussion at FAIR Conference 2017.
In this short video interview for RSA, Jack Jones, Chairman of the FAIR Institute, and RiskLens CEO Nick Sanna give a high level introduction to the value proposition of FAIR: changing the mindset among risk professionals that keeps them in permanent crisis mode.
The National Institute of Standards and Technology, the Federal Reserve, The Open Group, PCI – a prestigious list of organizations and agencies cite or suggest FAIR as a leading model for cyber risk analysis and management. Expect this list to grow as more risk professionals and regulators come to the conclusion that simply following risk management frameworks isn't enough–they need quantitative analytical models to make effective decisions on risk.
Kim Jones is a 30-year cybersecurity and intelligence veteran – his most recent private sector job was CSO at credit card processor Vantiv, where he started experimenting with FAIR more than five years ago. Recently, he turned cyber-educator as Director of the Cybersecurity Education Consortium at Arizona State University. We talked to Kim at the recent FAIR Conference 2017, where he appeared on the panel “What CISOs Need to Tell the Board”.
Front-line experience, freely shared among friends – that about sums up the spirit of the speakers at the recent FAIR Conference 2017, a lineup of leading FAIR practitioners who were amazingly candid about their success and challenges in spreading the FAIR risk revolution to their organizations.