The 2019 FAIR Conference at the Gaylord National Resort & Convention Center in National Harbor near DC on September 24-25, will honor risk management leaders for their initiative, ingenuity and contributions to information and operational risk management.
When Tim Titcomb was first introduced to FAIR by co-workers at Fidelity, "we walked out of the room and sort of shrugged and we did not have the red pill/blue pill moment. But I'd been looking for an opportunity to re-engergize the risk team I had just taken over, give us some direction and really start to do more proactive risk assessment...
From time to time, we come across some interesting FAIR related thoughts being shared by our partners. Last week, a fascinating webinar was hosted by Institute Technical Advisor, RiskLens
The most important step in conducting a quantitative cyber risk analysis is scoping - identifying the asset, threat, and effect related to the scenario at hand. But what happens if you are so excited to get into your FAIR analysis that you skip this crucial step?
FAIR Institute Chairman and FAIR model creator Jack Jones gives a concise, high level view of the limitations of conventional thinking in the cybersecurity profession, and how FAIR and a quantitative approach to cyber risk shows the way forward, in this Enterprise Security Weekly podcast hosted by Paul Asadoorian.
Synopsis: The Common Vulnerability Scoring System (CVSS) is used throughout various industries for scoring vulnerabilities based on several metrics. These metrics focus on confidentiality, integrity and availability, the very well known CIA triad ingrained in the mentality of cybersecurity professionals and extends to maturity and environmental when and where the additional information is required.
How can you determine at what point in a piece of IT hardware’s lifecycle it should be updated? Using FAIR, the international standard for quantitative cyber and technology risk management, it is as simple as a three-step process.
If you’ve been in the cybersecurity profession for any length of time, you’ll have heard (or said) the old chestnut about two hikers who run into a bear on the trail. One hiker immediately takes off his hiking boots and puts on his running shoes.
Intel revealed a new speculative execution vulnerability named ZombieLoad and it is yet another processor execution bug in the style of Spectre and Meltdown that were made public in January of 2018.
The FAIR Institute is proud to announce the newest addition to the FAIR Institute Board of Advisors, Donna Gallaher, President and CEO, New Oceans Enterprises.