FAIR Institute Blog

RSAC 2018: FAIR Among the “Silver Linings” After a Bad Year for Cybersecurity

[fa icon="calendar'] Apr 20, 2018 5:10:33 PM / by Jeff B. Copeland posted in FAIR

[fa icon="comment"] 0 Comments

After the shocking disruptions caused by WannaCry, the massive and immediate financial losses incurred because of NotPetya, and the sad and continued trend of each new year being "The Year of the Breach," the 50,000 cybersecurity practitioners and vendors gathered for the RSA Conference in San Francisco this week were ready for some good, uplifting post-2017 news.

Read More [fa icon="long-arrow-right"]

Finding Your Goldilocks Moment in Cyber Risk Analysis

[fa icon="calendar'] Apr 20, 2018 4:27:34 PM / by Teresa Suarez posted in FAIR

[fa icon="comment"] 0 Comments

In a perfect world, a quantitative cyber risk analysis would always leverage data that is both accurate and precise. Heck, every sort of financial analysis, whether personal or organizational, would leverage data and produce results that are both accurate and precise.

Read More [fa icon="long-arrow-right"]

“From No Data to Drowning in Data – A Reality Check”: Jack Jones Speaks at RSA

[fa icon="calendar'] Apr 19, 2018 9:30:00 AM / by Jeff B. Copeland posted in FAIR, Events

[fa icon="comment"] 0 Comments

“Your organization has data regarding umpteen thousand unpatched vulnerabilities…So what? What decisions need to be made?” FAIR Institute Chairman Jack Jones asked an audience at the RSA Conference this week

Read More [fa icon="long-arrow-right"]

How to Model Controls in a FAIR Risk Analysis

[fa icon="calendar'] Apr 12, 2018 9:00:00 AM / by Rebecca Merritt posted in FAIR

[fa icon="comment"] 2 Comments

As a former auditor, I understand the value a control has for an organization, a process or an application.  But, I’ll be honest I used to think a control was one dimensional. It didn’t really matter what the control protected, if the control wasn’t functioning properly or configured exactly to a ‘T’, it was failing.

Read More [fa icon="long-arrow-right"]

FAIR Institute Expands Education Partnerships

[fa icon="calendar'] Apr 10, 2018 9:00:00 AM / by Luke Bader posted in FAIR, FAIR University

[fa icon="comment"] 0 Comments

In September, 2017,  the FAIR Institute launched the FAIR University Curriculum with the goal of helping to fill a void in the industry by assisting academia in building information risk management programs and developing the next generation of cyber risk executives.

Read More [fa icon="long-arrow-right"]

RiskRecon to Sponsor the FAIR Institute

[fa icon="calendar'] Apr 9, 2018 9:00:00 AM / by Luke Bader

[fa icon="comment"] 0 Comments

The FAIR Institute is excited to announce our newest sponsoring partner, third-party risk management provider RiskRecon. RiskRecon’s continuous monitoring solution delivers prioritized action plans that enable precise and efficient elimination of your most critical third-party security risks.

Read More [fa icon="long-arrow-right"]

FAIR Institute Events at the 2018 RSA Conference

[fa icon="calendar'] Apr 5, 2018 10:25:25 AM / by Luke Bader posted in FAIR, Events

[fa icon="comment"] 0 Comments

The FAIR Institute is excited to have our Chairman, Jack Jones, represent the Institute at multiple events and sessions at the 2018 RSA Conference in San Francisco later this month. If you’re in town attending the conference, stop by the events below to hear Jack speak on the importance of quantitative analysis--and to say hello.

Read More [fa icon="long-arrow-right"]

Webinar on Demand: Jack Jones' Tips on SEC Cybersecurity Guidance

[fa icon="calendar'] Apr 5, 2018 9:49:33 AM / by Jeff B. Copeland posted in FAIR, Jack Jones

[fa icon="comment"] 0 Comments

The Securities and Exchange Commission’s new guidance on cybersecurity risk disclosure landed with a thud in board rooms, C-suites and infosecurity shops, particularly for its requirements on reporting ongoing cyber risks

Read More [fa icon="long-arrow-right"]

Who (or What) Is Really a “Cyber Threat”

[fa icon="calendar'] Apr 2, 2018 3:10:15 PM / by David Musselwhite posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

The MIT Technology Review recently published an article about what they called “cyber threats.” While the article identifies trending attack methods and scenarios to be concerned about, none of the things that made the list are actually threats.

Read More [fa icon="long-arrow-right"]

Jack Jones Webinar on SEC Cyber Risk Disclosure Guidance: The FAIR Advantage

[fa icon="calendar'] Mar 29, 2018 11:37:13 AM / by Jeff B. Copeland posted in FAIR, Jack Jones

[fa icon="comment"] 0 Comments

Join Jack Jones, creator of the FAIR model for risk analysis, for a webinar on Tuesday, April 3, at 2 PM ET on “New SEC Cyber Risk Disclosure Guidance: The FAIR Advantage”.

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts