If you’re new to Factor Analysis of Information Risk (FAIR™), understand that it’s first of all a movement to bring fresh, critical thinking and new business relevance to risk management for cyber, technology and operations risk.
Like many movements, it has a thought leader, Jack Jones, creator of the FAIR standard and some foundational documents, starting with the FAIR book Measuring and Managing Information Risk, written by Jack with Jack Freund – and some foundational videos by Jack, as well.
For a look at what’s attracted so many to the FAIR movement, watch these:
FAIR was born out of a flash of insight – well, a moment of embarrassment really -- when Jack was a CISO giving a report to the board and was stumped by one director who wanted answers on the business impact of cyber risk. In this short video, Jack describes how that board meeting set him on the path to develop the quantitative analysis method that became the FAIR standard.
Video: What Is Risk? The Bald Tire Scenario
The Bald Tire Scenario is a thought exercise that Jack has led audiences through for years as a mind-opener about the preconceptions that can misdirect our viewpoints on risk. Just five minutes, but it’s a ride.
Join the movement: get FAIR training through the FAIR Institute
Video: Enabling Risk Management Programs that Actually Work
This was Jack’s keynote address to the 2019 FAIR Conference, and an evolutionary leap forward from the first two videos which aimed to introduce FAIR concepts. The FAIR movement had advanced so far in the following few years that the main question had become how to integrate FAIR into the ongoing, daily practice of risk management and actually start showing value for risk reduction in measurable, financial terms – “at an acceptable cost,” as Jack emphasized. In this video, you’ll learn:
- How to take a more sophisticated approach to return on security investment
- How to overcome a resistant corporate culture, especially one used to qualitative approaches to risk
- How to create a roadmap for a quantitative risk management program
- What capabilities are required on the part of staff to carry out a FAIR-based program
Learn more from Jack:
eBook: An Adoption Guide for FAIR