FAIR Institute Blog

3 Foundational Videos from Jack Jones on What Is Risk, How FAIR Started, and How to Make a FAIR Quantitative Risk Management Program Work

[fa icon="calendar"] Mar 3, 2021 8:12:00 AM / by Jeff B. Copeland

Jack Jones RSAC 2020 FAIR Seminars HorizontalIf you’re new to Factor Analysis of Information Risk (FAIR™), understand that it’s first of all a movement to bring fresh, critical thinking and new business relevance to risk management for cyber, technology and operations risk.

Like many movements, it has a thought leader, Jack Jones, creator of the FAIR standard and some foundational documents, starting with the FAIR book Measuring and Managing Information Risk, written by Jack with Jack Freund – and some foundational videos by Jack, as well.

For a look at what’s attracted so many to the FAIR movement, watch these: 


Video: How Was FAIR Started?

FAIR was born out of a flash of insight – well, a moment of embarrassment really -- when Jack was a CISO giving a report to the board and was stumped by one director who wanted answers on the business impact of cyber risk. In this short video, Jack describes how that board meeting set him on the path to develop the quantitative analysis method that became the FAIR standard.


Jack Jones - The Bald Tire Scenario in Cyber Risk AnalysisVideo: What Is Risk? The Bald Tire Scenario

The Bald Tire Scenario is a thought exercise that Jack has led audiences through for years as a mind-opener about the preconceptions that can misdirect our viewpoints on risk. Just five minutes, but it’s a ride.


Join the movement: get FAIR training through the FAIR Institute


Video: Enabling Risk Management Programs that Actually Work 

This was Jack’s keynote address to the 2019 FAIR Conference, and an evolutionary leap forward from the first two videos which aimed to introduce FAIR concepts. The FAIR movement had advanced so far in the following few years that the main question had become how to integrate FAIR into the ongoing, daily practice of risk management and actually start showing value for risk reduction in measurable, financial terms – “at an acceptable cost,” as Jack emphasized. In this video, you’ll learn:

  • How to take a more sophisticated approach to return on security investment
  • How to overcome a resistant corporate culture, especially one used to qualitative approaches to risk
  • How to create a roadmap for a quantitative risk management program
  • What capabilities are required on the part of staff to carry out a FAIR-based program


Learn more from Jack:

eBook: An Adoption Guide for FAIR

Understanding Cyber Risk Quantification: The Buyer’s Guide

Topics: Jack Jones

Jeff B. Copeland

Written by Jeff B. Copeland

Jeff is the Content Marketing Manager for RiskLens.

Join the FAIR Community

Subscribe to Email Updates

Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts