If you’re looking to try Factor Analysis of Information Risk (FAIR™) in a lightweight way, these tools and resources will get you started – all of them offered by the FAIR Institute or shared by Institute members, particularly in sessions at the annual FAIR Conference.
7 Basic Tools for FAIR Cyber Risk Analysis
[fa icon="calendar'] May 18, 2022 11:07:03 AM / by Jeff B. Copeland posted in Guides & Tips
10 Reasons Why FAIR Is Winning
[fa icon="calendar'] May 17, 2022 3:57:43 PM / by Nicola (Nick) Sanna posted in FAIR
Why did FAIR™ (Factor Analysis of Information Risk) emerge as the de facto number-one standard model for cyber, technology and operational risk analysis? No other risk model supports defensible quantitative analysis in the financial terms
Harvard Law Article: SEC Proposed Rules a “Game Changer” for Reporting Cyber Risk in Financial Terms
[fa icon="calendar'] May 11, 2022 2:38:01 PM / by Adam Lamantia posted in Guides & Tips
The Harvard Law School Forum on Corporate Governance recently published an article, Proposed SEC Cyber Rules: A Game Changer for Public Companies, that outlines how new SEC rules could require an in-depth understanding of the potential liabilities related to cyber risk
RSA Conference 2022: FAIR Training plus Jack Jones Seminar on the Future of Cyber Risk Management
[fa icon="calendar'] May 11, 2022 8:54:28 AM / by Luke Bader posted in Events
A major presence for the FAIR Institute at the upcoming RSA Conference June 6-9 with two days of training in the fundamentals of FAIR quantitative risk analysis and a morning seminar with Jack Jones, creator of Factor Analysis of Information Risk (FAIR), on the future of cyber risk measurement.
Jack Jones: Automating Cyber Risk Quantification (Part 5 of 5)
[fa icon="calendar'] May 10, 2022 7:45:00 AM / by Jack Jones posted in Jack Jones, Jack Jones on Automating CRQ
In the previous post, I provided examples of some controls-related data that can’t be used to support automated cyber risk quantification (CRQ). But the news isn’t all bad. There are some data that can be used to support CRQ.
How CISOs Can Think Like Business Leaders -- Advice from Michael Carr, CISO at Health First
[fa icon="calendar'] May 4, 2022 12:02:04 PM / by Jeff B. Copeland posted in Guides & Tips
Do you know your hurdle rate? Michael Carr, VP, CTO/CISO, at Health First, the Florida hospital operator and health insurance provider, recently gave a talk to the HealthITSecurity Virtual Summit that covered financial terms and metrics
Jack Jones: Automating Cyber Risk Quantification (Part 4 of 5)
[fa icon="calendar'] May 3, 2022 1:50:19 PM / by Jack Jones posted in Jack Jones, Jack Jones on Automating CRQ
I covered a lot of ground in the previous posts, and rather than summarize them here I’ll assume you’ve read those posts already. So, let’s dive into the last analytic dimension…
Present Your Stories About Scaling a Risk Management Program - Speak at FAIRCON22
[fa icon="calendar'] Apr 27, 2022 8:10:00 AM / by Luke Bader posted in FAIR Conference 2022
Be a part of the 2022 FAIR Conference at the Mandarin Oriental Hotel in Washington, D.C., on September 27 & 28. We are looking for in-person speakers who are experts in scaling and growing quantitative risk management
Jack Jones: Automating Cyber Risk Quantification (Part 3 of 5)
[fa icon="calendar'] Apr 25, 2022 11:45:38 AM / by Jack Jones posted in Jack Jones, Jack Jones on Automating CRQ
In the previous two posts, I briefly discussed that:
- The CRQ market is rapidly growing, and there’s a strong desire to automate CRQ analysis...
Sharpen Your FAIR Skills with these Resources
[fa icon="calendar'] Apr 20, 2022 7:00:00 AM / by Jeff B. Copeland posted in FAIR Institute
In our recent member survey, we asked “please rank the areas in which you would like to learn or sharpen your FAIR-related skills.” Taking a cue from the results, here is a short study guide covering the topics of most educational interest to the FAIR Institute membership.