FAIR Institute Blog

Amazon S3 Bucket Data Breaches – a FAIR Risk Analysis

[fa icon="calendar'] Oct 6, 2017 8:00:00 AM / by Rebecca Merritt posted in FAIR, Risk Management, Case Studies

[fa icon="comment"] 1 Comment

Sensitive documents from the US National Geospatial-Intelligence Agency…data on 14 million Verizon customers…voter information on 198 million Americans…Just a few of the reports this year on data breaches—or open data discovered by security researchers before a breach occurred—on Amazon S3 “buckets”.

Read More [fa icon="long-arrow-right"]

Case Study: NIST Digital Identity Guidelines and FAIR “Made for Each Other”

[fa icon="calendar'] Sep 29, 2017 5:15:42 PM / by Jeff B. Copeland posted in FAIR, Case Studies

[fa icon="comment"] 0 Comments

The new NIST 800-63-3 Digital Identity Guidelines and FAIR were “made for each other”, writes Chip Block, VP at Evolver, Inc., (the operator of large-scale security operations centers for government and business) in an article just published on The Security Ledger website  -- the guidelines establish levels of security based on risk, and FAIR sets monetary values for the risk, enabling organizations to prioritize spending.

Read More [fa icon="long-arrow-right"]

Pro Tip for FAIR Risk Scenario Analysis: Map It

[fa icon="calendar'] Apr 10, 2017 10:41:26 AM / by Cody Whelan posted in FAIR, Case Studies

[fa icon="comment"] 2 Comments

I just wrapped an engagement helping a really great customer identify their top ten risks. Talk about commitment: They organized a book club where members of Information Security,  Privacy and Audit were actively studying the FAIR book, Measuring and Managing Information Risk.

At the last club meeting, somebody said “I love the FAIR model and risk quantification. But how do I apply this to the risks that face me and my department?”

Read More [fa icon="long-arrow-right"]

Video Now Available: Measuring DDoS Risk Using FAIR

[fa icon="calendar'] Nov 17, 2016 4:00:00 PM / by James Finn posted in FAIR, Risk Management, Events, Case Studies

[fa icon="comment"] 0 Comments

When Tony Martin-Vegue, Cyber Risk Manager at National Mortgage Insurance, presented this case study on measuring Distributed Denial of Service (DDoS) risk at FAIR Conference 2016, the world was only a week away from one of the largest DDoS attacks in history to-date.

Read More [fa icon="long-arrow-right"]

Video Now Available: Presenting The Top 10 Risks To The Board

[fa icon="calendar'] Oct 31, 2016 2:30:00 PM / by James Finn posted in FAIR, Events, Case Studies

[fa icon="comment"] 0 Comments

Chad Weinman and Isaiah McGowan from RiskLens presented a case study on "Presenting The Top 10 Risks To The Board" at FAIR Conference 2016.

Read More [fa icon="long-arrow-right"]

Video: A FAIR Case Study From Bank of Montreal

[fa icon="calendar'] May 12, 2016 11:30:00 AM / by Jon Matthews posted in FAIR, Case Studies

[fa icon="comment"] 0 Comments

This case study by Laura Payne on 'Quantitative Risk Analysis & Information Security' does a very good job in explaining the journey of an organization like BMO, as it evolved from a 'High, Medium and Low' approach to measure and express risk to to a more scientific and quantitative approach. 

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts