The first half of 2023 has been such a surge of community and learning for the FAIR Institute members. As we near closer to 15,000 members worldwide, I am very proud to give a status report of the year so far. The main takeaway is that in-person events are fully back and effective for sharing and networking.
RSA Conference
Institute leadership was present at RSAC23 in April, hosting a FAIR™ Analysis Fundamentals Training Course as well as two Association Seminars. Jack Jones was present and challenged an audience of 400 to move beyond today’s common cyber risk measurement practices that don’t reliably measure risk and re-focus on some basic techniques advanced in Factor Analysis of Information Risk (FAIR™).
International Summits
We are also proud to have hosted our first ever International Summits. The Middle East Summit in Jordan was hosted in March and the Europe Summit in London was hosted in June. Both events brought industry and leading experts from the regions together to connect with and learn from one another.
Both Summits had full rooms of over 80 people in attendance with topics ranging from better governance practices, case studies, board communication tips, and how to effectively meet different regulatory requirements.
A top case study presentation from the Summits was from Pooya Alai and Rebekka Kurland of Maersk on a FAIR analysis for M&A Risk and how FAIR helped them to improve risk visibility and decision making at the organization. You can read more about the session (and Contributing Members can view the whole recording) here.
The success of these first two Summits encourages us to as we look forward to planning more international Summits in the future!
Gartner Security & Risk Summit
Most recently, we met in National Harbor, Maryland, during the Gartner Security & Risk Summit, for a FAIR Institute Breakfast Meeting. Jack Jones laid down a challenge to attendees saying, “There is no evidence that existing risk measurement methods are effective,” pointing to the continuing use of qualitative risk assessments or compliance with frameworks.
The breakfast gathering also heard from Brenda Thayer, Senior Manager, Technology Risk, Fannie Mae, who presented a case study on how her team advanced the organization from ineffective qualitative risk measurement, established FAIR-based governance practices, defined scenarios for risk analysis, prioritized risks, measured risk reduction over time and used FAIR-CAM to evaluate controls.
Coming in the 2nd Half of 2023…
The Institute is focused on re-invigorating local chapter meetings as well, already hosting them in Dallas, Greater Ohio, Atlanta, DC, Paris, And Amman.
A new local chapter in Germany is launching this summer and more information will be shared via email and blog as meetings are scheduled.
And of course, we are very much looking forward to the 2023 FAIR Conference and Training hosted in Washington, D.C. on October 17 & 18. The theme of FAIRCON23 is EMBRACE DIGITAL: Managing the Risk of Digital Transformation, Cloud, and AI.
As organizations are undergoing profound change as they consider taking further advantage of digital transformation, moving critical business services to the cloud, and leveraging artificial intelligence to provide better products and services to their customers, they need to factor in the risks associated with those initiatives. Our agenda at FAIRCON23 will address these challenges and teach attendees the leading practices in the industry from the experts themselves.
It’s been a terrific year so far and we are just getting started. We encourage you to join us at upcoming local events and at FAIRCON23 in October. Invite your colleagues and friends to join as well, there is room for everyone!