FAIR Institute Blog

Meet the Members: Michael Lewis and Ashish Shah of Chevron on Bringing FAIR to the Oil and Gas Industry

[fa icon="calendar'] May 13, 2021 7:35:00 AM / by Luke Bader posted in Meet a Member

[fa icon="comment"] 0 Comments

Michael Lewis, Cyber Security and Technology Strategy Planner at Chevron and Ashish Shah, Team Lead of Cyber Security Risk Assessment and Operational Excellence at Chevron, are the Co-Chairs of the Houston Chapter of the FAIR Institute – and have a story to tell about patience and persistence

Read More [fa icon="long-arrow-right"]

FAIR Risk Terminology: ‘Vulnerability’ Is ‘Susceptibility’, the Open Group Says

[fa icon="calendar'] May 6, 2021 10:04:04 AM / by Jeff B. Copeland posted in Key Terms

[fa icon="comment"] 0 Comments

The Open Group Security Forum, the experts who maintain Factor Analysis of Information Risk (FAIR™) as the international standard for cyber risk quantification, recently updated the Open FAIR Body of Knowledge to clarify some risk terminology, including this statement:   

Read More [fa icon="long-arrow-right"]

Meet a Member: Chip Block, FAIR Institute Washington Chapter Lead and Pioneer FAIR Consultant, on Where the Quantification Movement Is Going

[fa icon="calendar'] May 6, 2021 7:45:18 AM / by Luke Bader posted in Meet a Member

[fa icon="comment"] 0 Comments

“I’ve been involved with the FAIR Institute almost from Day One,” says Chip Block, Vice President and Chief Solutions Architect at Evolver, a Converged Security Solutions Company. Chip founded the first local chapter of the FAIR Institute

Read More [fa icon="long-arrow-right"]

Risk-Based GDPR Compliance with FAIR – Q&A with European Chapter Co-Chairs Christophe Foret and Tom Callaghan of C-Risk

[fa icon="calendar'] May 5, 2021 9:57:20 AM / by Jeff B. Copeland

[fa icon="comment"] 1 Comment

With the third anniversary coming up for enforcement of the EU’s General Data Protection Regulation (GDPR), it’s a good time to check in with our European FAIR Institute Chapter Co-Chairs for a read on the regulatory climate.

Read More [fa icon="long-arrow-right"]

Meet a Member: Andy Retrum, Managing Director at Protiviti

[fa icon="calendar'] Apr 29, 2021 7:45:00 AM / by FAIR Institute Staff posted in Meet a Member

[fa icon="comment"] 0 Comments

Andrew Retrum is Managing Director, Global Financial Services Security & Privacy, at Protiviti and an Advisory Board Member for the FAIR Institute. He started his career at one of the big accounting firms before becoming one of the founders of Protiviti

Read More [fa icon="long-arrow-right"]

Register for the Webinar - Women in Cyber Risk: Redefining the Future of Cyber Risk

[fa icon="calendar'] Apr 28, 2021 9:41:30 AM / by Luke Bader posted in Events

[fa icon="comment"] 0 Comments

The FAIR Institute is honored to host our upcoming webinar titled "Women in Cyber Risk: Redefining the Future of Cyber Risk."

We take responsibility for highlighting the diversity of our community and promoting the work of our women leaders.

Read More [fa icon="long-arrow-right"]

Hacking the COVID Cold Chain: A Health Care Sector Example of FAIR

[fa icon="calendar'] Apr 26, 2021 4:06:32 PM / by Colin Connor and Itzik Kotler posted in Risk Management

[fa icon="comment"] 1 Comment

In September, 2020, our IBM X-Force IRIS security analysis group began tracking strange phishing attacks targeting suppliers of HVAC equipment and services.

Read More [fa icon="long-arrow-right"]

Risk Analysis and Worst-Case Thinking

[fa icon="calendar'] Apr 22, 2021 8:08:35 AM / by Osama Salah posted in Member Content

[fa icon="comment"] 2 Comments

The generally accepted model for risk is that it is a function of frequency (some refer to it as probability or likelihood, i.e., how often the loss event will probably occur in a given time frame) and magnitude (how bad the event will probably be, consequences).

Read More [fa icon="long-arrow-right"]

Calculating Your Company’s Total Cybersecurity Risk Exposure (Part 1)

[fa icon="calendar'] Apr 21, 2021 10:11:36 AM / by Gideon Knocke posted in Member Content

[fa icon="comment"] 4 Comments

Quantifying risk scenarios using quantitative analyses helps understanding the exposure to specific risks, however, building a portfolio of quantified risks to understand and manage a company’s risk landscape comes with additional challenges.

Read More [fa icon="long-arrow-right"]

FAIR Institute Events at RSA Conference 2021 – FAIR Training, CISO Success Stories, New Controls Framework from Jack Jones

[fa icon="calendar'] Apr 19, 2021 11:52:40 AM / by Luke Bader posted in FAIR Controls Model

[fa icon="comment"] 0 Comments

We are very excited to be partnering once again with the annual RSA Conference (RSAC21) to host multiple FAIR Institute-led events and sessions over the course of the conference in May. 

Read More [fa icon="long-arrow-right"]
LEARN MORE