At the 2022 FAIR Conference, three accomplished risk management innovators received the highest honors in the 2022 FAIR Excellence Awards, for their initiative, contributions and ingenuity to cybersecurity and operational risk management.
Conference host, FAIR Institute, is a non-profit organization advancing risk measurement and management practices based on Factor Analysis of Information Risk (FAIR™), the standard risk taxonomy and analysis model for cybersecurity and operational risk.
The hybrid event, attended by hundreds of cybersecurity and operational risk executives, policy makers and regulators, was held virtually and in-person in Washington, D.C.
The awards recognize the impact these professionals have on their organizations and on their profession by enabling operational excellence and effective decision-making, and in balancing the need to protect their organizations while running the business.
For 2022, three awards have been bestowed on industry leaders: FAIR Ambassador Award, FAIR Champion Award, and Business Innovator Award. Award nominations were reviewed, and the winners were selected by a panel of FAIR Institute Advisory Board members.
The FAIR Ambassador Award recognizes a member’s work in bringing FAIR knowledge and the FAIR Institute to a new geography or industry. This year's award winner is Caleb Juhnke, senior risk engineer, Equinix.
Juhnke has been instrumental in developing the Kansas City FAIR Chapter and in widely promoting FAIR knowledge and best practices in the region and beyond. He has rich insights into FAIR approaches, how they can be rolled out at organizations, and challenges with FAIR adoption that he shares and champions across the Kansas City region.
Award finalists were Julian Meyrick, managing partner and vice president, security strategy risk and compliance, IBM Security; and Adham Etoom, head of policy, National Cyber Security Center, Government of Jordan.
The FAIR Champion Award honors leaders at the forefront of their organization’s FAIR initiative who get business and data owners on board, stakeholders to help improve risk analysis quality, and decision-makers to incorporate resulting risk insights as part of their business strategies, decision-making processes, and operating rhythms. Winning the award this year is Neil Davis, head of cyber risk management, Maersk.
With little outside consulting help, Davis has driven a FAIR-based risk management program across cyber, IT and operational risks at Maersk. He has created unique risk simulations for targeted user groups on big themes. As a result, Maersk's risk register is being rebuilt with a FAIR framework in mind for a fully quantitative approach.
Award finalists were Robert Herse, information security manager, Quantitative Risk Management Program, Freddie Mac; and Chris Mutzbauer, lead analyst, VETERANS UNITED.
The Business Innovator Award salutes risk professionals who have successfully applied FAIR principles to drive innovation. Taking this year's award is Cedric De Carvalho, head of group cyber risk, Richemont.
De Carvalho has brought risk quantification to an organization comprised of many separate operating companies. He has spearheaded the development of a new way of assessing cyber risk for mergers and acquisitions, and he has integrated quantitative cyber risk assessments with Richemont’s governance, risk, and compliance workflows.
Award finalists were Matt Lathrom, interim CIO at GEHA, and Brenda Thayer, senior manager, technology risk, Fannie Mae.
“Caleb, Neil, and Cedric are shining examples of what our profession should be aiming for in terms of risk management vision, analysis depth and commitment to excellence,” said Jack Jones, chairman of the FAIR Institute. “We are proud to recognize their exceptional contribution to advancing our profession.”
FAIR Institute Chairman Jack Jones, FAIR Award Winner Caleb Juhnke, Board Member Donna Gallaher, President Nick Sanna
Jack Jones, FAIR Award Winner Cedric De Carvalho, Board Member Sounil Yu, Nick Sanna