FAIR Institute Blog

Video: What Is Risk? The Bald Tire Scenario [Updated]

[fa icon="calendar'] Aug 8, 2017 8:47:00 AM / by FAIR Institute Staff posted in FAIR

[fa icon="comment"] 1 Comment

How much risk is associated with a bald tire? It depends...

In this video,  Jack Jones walks you through the classic scenario (from his book Measuring and Managing Information Risk: a FAIR Approachwith a lesson about making assumptions and how that affects risk analysis and communication about risk. 

Read More [fa icon="long-arrow-right"]

FAIR Is Banks 'Most Commonly Used Approach to Quantifying Cyber Threats', says Risk.net

[fa icon="calendar'] Aug 7, 2017 8:00:00 AM / by Jeff B. Copeland posted in FAIR

[fa icon="comment"] 0 Comments

by Jeff B. Copeland 

Read More [fa icon="long-arrow-right"]

Meet the On-site FAIR Training Instructors of FAIRCON17

[fa icon="calendar'] Aug 2, 2017 11:35:46 AM / by Vanessa McCoy posted in Fair Conference 2017

[fa icon="comment"] 0 Comments

If you're attending the FAIR Conference in Dallas this year–and are looking to take your risk analysis skills to the next level–join us for on-site, introductory FAIR training, October 17-19,  immediately following FAIRCON17.  

Read More [fa icon="long-arrow-right"]

Take the 2017 Risk Management Maturity Survey

[fa icon="calendar'] Aug 1, 2017 10:14:28 AM / by Luke Bader posted in FAIR, Fair Conference 2017

[fa icon="comment"] 0 Comments

The FAIR Institute, in partnership with ISARiskLens and RSA, is sponsoring the 2017 Risk Management Maturity Survey, an opportunity for cyber and information risk professionals to rate their risk management practices and benchmark their organizations against their peers. 

Read More [fa icon="long-arrow-right"]

A FAIR View of Risk Appetite - Part 4 (finally!)

[fa icon="calendar'] Aug 1, 2017 8:00:00 AM / by Jack Jones posted in FAIR

[fa icon="comment"] 0 Comments

Some of you may recall a series of posts I wrote on this topic last year. In the third post of that series I said I’d write another post that lays the foundation for dealing with risk appetite more effectively.  Well, here we are a year later and I’m finally going to fulfill that promise.  Hopefully, you’ll find the wait worthwhile.

Read More [fa icon="long-arrow-right"]

Anatomy of a FAIR Risk Analysis: Confidential Data in Email

[fa icon="calendar'] Jul 30, 2017 8:00:00 PM / by Rebecca Merritt posted in FAIR

[fa icon="comment"] 1 Comment

In November, 2016, a Boeing employee emailed his spouse a spreadsheet from work because he needed help with formatting. In the spreadsheet: names, ID numbers, dates of birth and Social Security numbers for 36,000 Boeing employees. 

Read More [fa icon="long-arrow-right"]

5 Things You'll Learn at FAIRCON17

[fa icon="calendar'] Jul 27, 2017 4:10:04 PM / by Luke Bader posted in Fair Conference 2017

[fa icon="comment"] 0 Comments

The 2017 FAIR Conference is less than 3 months away: October 16 and 17 in Dallas, Texas. This exclusive conference brings leaders in information and operational risk management together to explore FAIR best practices that produce greater value and alignment with business goals. 

Read More [fa icon="long-arrow-right"]

Secrets to Gathering Good Data for a Risk Analysis

[fa icon="calendar'] Jul 27, 2017 3:04:34 PM / by Tyanna Smith posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

“I don’t know.”

“I have no idea.”

“Where would I get that information?”

“I have no way of getting that information.”

These are just a couple of the common responses we see when someone first attempts an analysis.
Read More [fa icon="long-arrow-right"]

Bank CISOs Debate FAIR in Risk.net Article

[fa icon="calendar'] Jul 21, 2017 10:36:48 AM / by Jeff B. Copeland posted in FAIR

[fa icon="comment"] 0 Comments

You might say this article, “Bank Cyber Chiefs at Odds Over Risk Models” (registration required) by Steve Marlin, just out on Risk.net, takes a snapshot of the current stage of evolution of banking information security executives, progressing towards a bank cyber risk model that’s as rigorous as the industry's models for market and credit risk. 

Read More [fa icon="long-arrow-right"]

The Problem with Ransomware Risk Data

[fa icon="calendar'] Jul 21, 2017 8:00:00 AM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 3 Comments

Hats off to (FAIR Institute Board Member) Wade Baker and partner Jay Jacobs of Cyentia Institute for plowing through all the available public data sources on ransomware and writing two blog posts that are essential reading for anyone serious about estimating ransomware risk from a solid foundation. 

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts