FAIR Institute Blog

Jeff B. Copeland

Jeff is the Content Marketing Manager for RiskLens.

Recent Posts

The Cybersecurity Social Contract: Q&A with Larry Clinton

[fa icon="calendar'] Aug 17, 2017 7:30:00 AM / by Jeff B. Copeland

[fa icon="comment"] 0 Comments

Larry Clinton has been advocating for cybersecurity in Washington since the days when “I had to start the conversation by spelling ‘cyber’”.  President of the Internet Security Alliance since 2003, Clinton has doggedly pushed Congress and successive Administrations to take a holistic approach to information security issues or, as he calls it, the Cybersecurity Social Contract, laid out in a book of the same title, from the ISA.

Read More [fa icon="long-arrow-right"]

FAIR Is Banks 'Most Commonly Used Approach to Quantifying Cyber Threats', says Risk.net

[fa icon="calendar'] Aug 7, 2017 8:00:00 AM / by Jeff B. Copeland posted in FAIR

[fa icon="comment"] 0 Comments

by Jeff B. Copeland 

Read More [fa icon="long-arrow-right"]

Bank CISOs Debate FAIR in Risk.net Article

[fa icon="calendar'] Jul 21, 2017 10:36:48 AM / by Jeff B. Copeland posted in FAIR

[fa icon="comment"] 0 Comments

You might say this article, “Bank Cyber Chiefs at Odds Over Risk Models” (registration required) by Steve Marlin, just out on Risk.net, takes a snapshot of the current stage of evolution of banking information security executives, progressing towards a bank cyber risk model that’s as rigorous as the industry's models for market and credit risk. 

Read More [fa icon="long-arrow-right"]

The Problem with Ransomware Risk Data

[fa icon="calendar'] Jul 21, 2017 8:00:00 AM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 3 Comments

Hats off to (FAIR Institute Board Member) Wade Baker and partner Jay Jacobs of Cyentia Institute for plowing through all the available public data sources on ransomware and writing two blog posts that are essential reading for anyone serious about estimating ransomware risk from a solid foundation. 

Read More [fa icon="long-arrow-right"]

Ransomware Risk: Setting Up a FAIR Analysis

[fa icon="calendar'] Jul 20, 2017 4:08:12 PM / by Jeff B. Copeland posted in FAIR

[fa icon="comment"] 2 Comments

Jack Jones recently walked the FAIR Institute’s Data Integration Workgroup monthly call-in through a thinking exercise: Assume you’re the CISO of a mid-sized hospital – how do you understand the risk of ransomware?

Read More [fa icon="long-arrow-right"]

Think You Know Basic Risk Concepts? Take a FAIR Challenge

[fa icon="calendar'] Jun 30, 2017 10:17:29 AM / by Jeff B. Copeland posted in FAIR

[fa icon="comment"] 0 Comments

Inherent risk, likelihood, vulnerability: concepts in everyday use in risk analysis that you think you have down pat. Read these three blog posts, and, if you're new to FAIR, we guarantee to make your assumptions topple. If you’re already a FAIR practitioner, you'll learn how to plug these foundational concepts into the FAIR model to solve whatever scenarios come your way.   

Read More [fa icon="long-arrow-right"]

Meet a FAIR Institute Member: Evan Wheeler

[fa icon="calendar'] Jun 21, 2017 9:09:03 AM / by Jeff B. Copeland posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

FAIR Institute Board Member Evan Wheeler is a veteran financial industry risk executive, author, and frequent conference speaker and panelist, particularly on the topic of risk quantification. He’s also one of the most patient and lucid explainers of the FAIR model we’ve ever heard – take a listen to the video of his presentation at the RSA Conference in February, 2017, or read his posts for the FAIR Institute blog.  

Read More [fa icon="long-arrow-right"]

Implementing NIST CSF? Read This First

[fa icon="calendar'] Jun 19, 2017 8:32:33 AM / by Jeff B. Copeland posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

The National Institute of Standards Cybersecurity Framework (NIST CSF for short) is a set of best practices recommended for businesses to protect critical IT infrastructure. Published in 2014, it’s been adopted by about one-third of large companies at least in part, as indicated by a survey of CISOs last year by Tenable Network Security.

Read More [fa icon="long-arrow-right"]

How to Show Due Diligence to Regulators in a Personal Health Information (PHI) Data Breach

[fa icon="calendar'] May 30, 2017 9:44:12 AM / by Jeff B. Copeland posted in FAIR

[fa icon="comment"] 0 Comments

Interesting question sparked by an interesting legal case was posed on the FAIR Institute LinkedIn group discussion page recently, and answered by Institute Chairman Jack Jones. The State of New Jersey is trying to take away the license of a prominent psychologist for failing to protect patient privacy, claiming a long-running data breach of patient PHI.

Read More [fa icon="long-arrow-right"]

Meet a FAIR Institute Member: Bill Barouski

[fa icon="calendar'] May 8, 2017 10:52:14 AM / by Jeff B. Copeland posted in FAIR, Fair Institute

[fa icon="comment"] 0 Comments

FAIR Institute Board Member Bill Barouski served as Executive VP and CISO for the Federal Reserve System until mid-2015, overseeing information security for the US central bank, including incident response, as well as information security architecture, standards, policies and programs.

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts