FAIR Institute Blog

Meet the FAIR™ evangelist at the US Department of Agriculture, Caleb Juhnke, a contracted Senior Cyber Risk analyst, part of the leading edge introducing quantitative cyber risk analysis to the federal government

If you’re new to Factor Analysis of Information Risk (FAIR™), understand that it’s first of all a movement

It’s a risk analyst’s nightmare: An extremely low-frequency event with extremely high magnitude impact. That’s what the state of Texas has been living through

The hack at the Oldsmar, Florida, water treatment plant, an attempt to inject harmful levels of lye, drew headlines fretting over the possibility of cyber-terror striking a utility sector with “few protections against hacking,” as the Wall St. Journal said.

Here’s a step-by-step look at how an experienced FAIR™ analyst starts with nebulous concerns that may fill your risk register now – items like Privileged Access Management, The Cloud, Data Breach – and shapes them into risk statements to set up a FAIR analysis.  

Cybersecurity is no longer strictly an IT issue or even a risk management issue, it’s a strategic issue that runs across the enterprise, and boards need to oversee it accordingly.

We’re hearing from members that the market for cyber insurance has grown very tight, so we contacted Chip Block, chair of the Washington-area Chapter of the FAIR Institute, longtime cyber insurance expert

Are your risk analyses suffering from scope creep, uncooperative SMEs, unbelievable results? Or are you just looking to make your well-oiled quantitative risk analysis process run even more smoothly?

John A. Wheeler, Risk Management Technology Advisor for leading tech consultancy Gartner, is out with a LinkedIn blog post that forecasts 2021 as a year of “uncertainty and change”

FAIR Institute Chairman Jack Jones recently appeared on the Privacy Please podcast hosted by Cameron Ivey and Gabe Crumbs of Spirion, the data protection company