FAIR Institute Blog

Video: CISOs and Board Members Talk Closing the Communication Gap

[fa icon="calendar'] Nov 15, 2017 12:51:46 PM / by Jeff B. Copeland posted in FAIR, Risk Management, Fair Conference 2017

[fa icon="comment"] 0 Comments

“It’s relatively rare that you get security leaders and board members together on a panel to talk about things,” says Wade Baker, who moderated “What CISOs Need to Tell the Board About Cyber and Technology Risk” panel discussion at FAIR Conference 2017

Read More [fa icon="long-arrow-right"]

Announcing the 2017 Cyber Risk Management Maturity Benchmark Survey Report

[fa icon="calendar'] Nov 15, 2017 8:13:05 AM / by Luke Bader posted in FAIR, Events

[fa icon="comment"] 0 Comments

The cyber and technology risk profession continues to evolve many of its practices. Because of this, new and unanswered questions reveal themselves, such as:

  • How mature is the profession today?
  • Where are we weakest/strongest?
  • Which improvements in maturity are likely to matter most?
  • How do we rate against others in our industry?
Read More [fa icon="long-arrow-right"]

Loss Event Frequency Explained in 3 Minutes [Video]

[fa icon="calendar'] Nov 14, 2017 10:18:11 AM / by Tim Wynkoop posted in FAIR

[fa icon="comment"] 0 Comments

With large companies under near constant attack from malware, phishing, and hacking attempts, getting an estimate on cybersecurity risk means reaching a clear understanding of how many of the massive number of threats actually turn into losses.

Read More [fa icon="long-arrow-right"]

What Metrics Matter in Risk Management? [Video]

[fa icon="calendar'] Nov 9, 2017 2:08:09 PM / by Isaiah McGowan posted in FAIR, Risk Management, Fair Conference 2017

[fa icon="comment"] 0 Comments

Dashboards. Metrics. Data. Everybody has them; most don’t know how to use them effectively. It’s a bold statement; but, according to Jack Jones and Jack Freund it is a truism in the risk management field.

Read More [fa icon="long-arrow-right"]

When Non-Compliance Is A-OK [Video]

[fa icon="calendar'] Nov 8, 2017 2:50:16 PM / by David Musselwhite posted in FAIR, Risk Management, Fair Conference 2017

[fa icon="comment"] 2 Comments

“You are clearly out of compliance with a federal law.” When you, as a risk management professional, hear this, what is your first reaction?

A. “Yikes! We better fix that immediately!”
B. “That sounds like a problem for the Compliance Department?”
C. “So what? The government has it’s hand in everything, let us run our business!”
D. “Hmm…let’s perform a risk analysis and see if we should be concerned.”

Read More [fa icon="long-arrow-right"]

Jack Jones Interview on the Future of Risk Management [Video]

[fa icon="calendar'] Nov 2, 2017 12:41:14 PM / by Jeff B. Copeland posted in FAIR, Fair Conference 2017

[fa icon="comment"] 0 Comments

In this short video interview for RSA,  Jack Jones, Chairman of the FAIR Institute, and RiskLens CEO Nick Sanna give a high level introduction to the value proposition of FAIR: changing the mindset among risk professionals that keeps them in permanent crisis mode.  

Read More [fa icon="long-arrow-right"]

Standards Groups and Regulators Recognize FAIR

[fa icon="calendar'] Nov 2, 2017 10:02:24 AM / by Jeff B. Copeland posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

The National Institute of Standards and Technology, the Federal Reserve, The Open Group,  PCI – a prestigious list of organizations and agencies cite or suggest FAIR as a leading model for cyber risk analysis and management. Expect this list to grow as more risk professionals and regulators come to the conclusion that simply following risk management frameworks isn't enough–they need quantitative analytical models to make effective decisions on risk. 

 

Read More [fa icon="long-arrow-right"]

A 6-Step Guide to Becoming FAIR Trained

[fa icon="calendar'] Nov 1, 2017 7:00:00 AM / by Luke Bader posted in FAIR

[fa icon="comment"] 0 Comments

Becoming FAIR Trained and Certified will change how you, your team, and your organization view and act on risk. Fully understanding and implementing the FAIR model makes risk professionals into business-aligned leaders, showing their organizations the way to better, more informed and cost-effective decision-making. 

Read More [fa icon="long-arrow-right"]

Q&A: Teaching FAIR to “Security Warriors” at Arizona State University

[fa icon="calendar'] Oct 30, 2017 10:00:00 AM / by Jeff B. Copeland posted in FAIR, Fair Conference 2017

[fa icon="comment"] 0 Comments

Kim Jones is a 30-year cybersecurity and intelligence veteran – his most recent private sector job was CSO at credit card processor Vantiv, where he started experimenting with FAIR more than five years ago. Recently, he turned cyber-educator as Director of the Cybersecurity Education Consortium at Arizona State University. We talked to Kim at the recent FAIR Conference 2017, where he appeared on the panel “What CISOs Need to Tell the Board”.

Read More [fa icon="long-arrow-right"]

FAIR Conference 2017: Highlights from the Sessions

[fa icon="calendar'] Oct 27, 2017 4:01:25 PM / by Jeff B. Copeland posted in FAIR, Events, Fair Conference 2017

[fa icon="comment"] 1 Comment


Front-line experience, freely shared among friends – that about sums up the spirit of the speakers at the recent FAIR Conference 2017, a lineup of leading FAIR practitioners who were amazingly candid about their success and challenges in spreading the
FAIR risk revolution to their organizations.

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts