If you’re looking to try Factor Analysis of Information Risk (FAIR™) in a lightweight way, these tools and resources will get you started – all of them offered by the FAIR Institute or shared by Institute members, particularly in sessions at the annual FAIR Conference.
Why did FAIR™ (Factor Analysis of Information Risk) emerge as the de facto number-one standard model for cyber, technology and operational risk analysis? No other risk model supports defensible quantitative analysis in the financial terms
Harvard Law Article: SEC Proposed Rules a “Game Changer” for Reporting Cyber Risk in Financial Terms
The Harvard Law School Forum on Corporate Governance recently published an article, Proposed SEC Cyber Rules: A Game Changer for Public Companies, that outlines how new SEC rules could require an in-depth understanding of the potential liabilities related to cyber risk
A major presence for the FAIR Institute at the upcoming RSA Conference June 6-9 with two days of training in the fundamentals of FAIR quantitative risk analysis and a morning seminar with Jack Jones, creator of Factor Analysis of Information Risk (FAIR), on the future of cyber risk measurement.
In the previous post, I provided examples of some controls-related data that can’t be used to support automated cyber risk quantification (CRQ). But the news isn’t all bad. There are some data that can be used to support CRQ.
Do you know your hurdle rate? Michael Carr, VP, CTO/CISO, at Health First, the Florida hospital operator and health insurance provider, recently gave a talk to the HealthITSecurity Virtual Summit that covered financial terms and metrics
I covered a lot of ground in the previous posts, and rather than summarize them here I’ll assume you’ve read those posts already. So, let’s dive into the last analytic dimension…
Be a part of the 2022 FAIR Conference at the Mandarin Oriental Hotel in Washington, D.C., on September 27 & 28. We are looking for in-person speakers who are experts in scaling and growing quantitative risk management
In the previous two posts, I briefly discussed that:
- The CRQ market is rapidly growing, and there’s a strong desire to automate CRQ analysis...
In our recent member survey, we asked “please rank the areas in which you would like to learn or sharpen your FAIR-related skills.” Taking a cue from the results, here is a short study guide covering the topics of most educational interest to the FAIR Institute membership.
