The terms “risk appetite” and its close cousin “risk tolerance” are often poorly understood, very rarely used to good effect, and commonly used interchangeably.
2022 FAIR Awards Honor Caleb Juhnke (Equinix), Neil Davis (Maersk), and Cedric De Carvalho (Richemont) for Risk Management Vision
At the 2022 FAIR Conference, three accomplished risk management innovators received the highest honors in the 2022 FAIR Excellence Awards, for their initiative, contributions and ingenuity to cybersecurity and operational risk management.
Andrew Retrum is Managing Director, Global Financial Services Security & Privacy, at Protiviti and an Advisory Board Member for the FAIR Institute. He started his career at one of the big accounting firms before becoming one of the founders of Protiviti
Lawfare Blog Post on Enterprise Cybersecurity Measurement Makes the Case for Integrating FAIR in a 'Modular' Defense
With permission, we are re-publishing this post from Lawfare, the influential blog that covers the intersection between law and national security.
FAIR Institute Partners with RiskLens to Provide Free FAIR Training to Historically Black Colleges and Universities
The FAIR Institute is dedicated to being a welcoming place for all information security professionals to join, learn, and network with one another. As a community composed of professionals of all nationalities, races, genders, and religions, we believe there is an innate responsibility to stand up against hate, racism, and bigotry
FAIR Book Co-Author Jack Freund’s Advice on 3rd Party Risk in New ISACA White Paper
Establishing a third-party vendor risk management program can be a challenging undertaking. There are so many things to consider, not the least of which is what technology to use, staff augmentation strategies you might employ, and upon which frameworks you should base the program.
Protiviti Joins FAIR Institute as Founding Sponsor in Advisory Services to Advance the Use of Risk Quantification
First consulting firm to become a strategic sponsor, Protiviti joins community of companies supporting the FAIR model for information risk management
Enterprises operate their businesses on third-party platforms and services. Outsourcing of systems and services often involves significant risk, bestowing custodial responsibilities of large amounts of sensitive data and transaction capabilities to third-parties.
How much risk is associated with a bald tire? It depends...
In this video, Jack Jones walks you through the classic scenario (from his book Measuring and Managing Information Risk: a FAIR Approach) with a lesson about making assumptions and how that affects risk analysis and communication about risk.
We hope that you're already planning to attend FAIR Institute's annual FAIR Conference, FAIRCON17, later this year on October 16 and 17. Take advantage of our "Early Bird" pricing special, available through June 30, by clicking here.
However, you may be interested in doing more than just attending!