FAIR Institute Blog

Join Us on Feb. 23: FAIR University Curriculum Virtual Panel Webinar

[fa icon="calendar'] Feb 15, 2018 11:16:04 AM / by Luke Bader posted in FAIR, Fair Institute, FAIR University

[fa icon="comment"] 0 Comments

Interested in building a state-of-the-art information risk management course at your university? Join us for the FAIR University Curriculum Virtual Panel Webinar on Friday, February 23rd, at 1 PM EST.

Read More [fa icon="long-arrow-right"]

Announcing the 2018 FAIR Conference at Carnegie Mellon University

[fa icon="calendar'] Feb 12, 2018 10:00:00 AM / by Luke Bader posted in FAIR, Fair Institute, FAIR Conference 2018

[fa icon="comment"] 0 Comments

The FAIR Institute is very excited to announce that the we will be hosting the third annual FAIR Conference (FAIRCON18) at Carnegie Mellon University in Pittsburgh, Pennsylvania, on October 16 -17, 2018.

Read More [fa icon="long-arrow-right"]

For Better Risk Assessments in SSAE 18 Audits, Try Quantification with FAIR

[fa icon="calendar'] Feb 9, 2018 4:08:05 PM / by Rachel Slabotsky posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

One of my final initiatives prior to leaving public accounting and entering my new role in risk management was helping organizations prepare for the changes introduced by AICPA in the SSAE 18 audit standard, which went into effect in May 2017.

Read More [fa icon="long-arrow-right"]

Case Study: Demystifying ICS Cyber Risk with FAIR

[fa icon="calendar'] Feb 7, 2018 9:10:00 AM / by Michael Radigan posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

Simply put, when Industrial Control System (ICS) cyber risk is accurately modeled, measured, quantified and normalized with mechanical / industrial operational risk, it is then demystified.  

Read More [fa icon="long-arrow-right"]

Is Cyber Risk Measurement Just Guessing? -- Part 2

[fa icon="calendar'] Feb 6, 2018 2:17:28 PM / by Jack Jones posted in FAIR

[fa icon="comment"] 6 Comments

In the first post of this series, I focused on answering a commonly expressed concern about the reliability of cyber risk measurement. At the end of that post, I mentioned that some readers might draw a distinction between an example I gave and the real world of cyber risk measurement. 

Read More [fa icon="long-arrow-right"]

Webinar: Cyber and the Law (It's Really About the Money)

[fa icon="calendar'] Jan 31, 2018 9:00:00 AM / by Jeff B. Copeland posted in FAIR

[fa icon="comment"] 0 Comments

For a quick introduction to cybersecurity law, take a listen to a new webcast from Evolver, a FAIR-powered consultancy that specializes in legal tech, cyber insurance and other info-risk concerns.

Read More [fa icon="long-arrow-right"]

Key to Success in Risk Analysis? Trust the (FAIR) Process

[fa icon="calendar'] Jan 30, 2018 9:14:12 AM / by Rebecca Merritt posted in FAIR

[fa icon="comment"] 0 Comments

Time and time again I see analysts perform a FAIR risk analysis but get caught up in searching for the absolute perfect data or second guessing the results. 

Read More [fa icon="long-arrow-right"]

3 Risk Identification Questions You Should Be Asking

[fa icon="calendar'] Jan 29, 2018 10:33:25 AM / by David Musselwhite posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

Risk managers are always seeking to address the risks that matter most to their organizations. But you can’t analyze and prioritize what you don’t identify.

Read More [fa icon="long-arrow-right"]

Save the Date: FAIR Institute Breakfast at RSA Conference 2018

[fa icon="calendar'] Jan 25, 2018 9:56:53 AM / by Luke Bader posted in FAIR, Events, Fair Institute

[fa icon="comment"] 0 Comments

We are happy to announce that the annual FAIR Institute Breakfast Meeting during the RSA Conference 2018, will be held in downtown San Francisco from 7:30 - 10 AM on April 18, 2018.

Read More [fa icon="long-arrow-right"]

Pressing for FAIR: Our Comments and Recommendations on NIST CSF 1.1

[fa icon="calendar'] Jan 24, 2018 5:05:20 PM / by Luke Bader posted in FAIR

[fa icon="comment"] 3 Comments


Earlier this month, The FAIR Institute partnered with The Open Group to submit comments and recommendations to the draft version 1.1 of NIST's Cybersecurity Framework (NIST CSF). The NIST CSF and its Framework Core were created in 2014 to provide guidance on how organizations can better “Identify, Protect, Detect, Respond, Recover” when assessing cyber threats.

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts