From Jack Jones, Chairman of the FAIR Institute and creator of the FAIR model for cyber risk quantification (CRQ) — the definitive guide to understanding CRQ: What it is (and isn't), its value proposition and limitations, and facts regarding the misperceptions that are commonplace.
Chris Porter first learned about FAIR years ago working in cybersecurity at Verizon, where he led the respected DBIR report, developed the Vocabulary for Event Recording and Incident Sharing (VERIS) system for classifying security events, and later built the company’s threat intel team.
When Tim Titcomb was first introduced to FAIR by co-workers at Fidelity, "we walked out of the room and sort of shrugged and we did not have the red pill/blue pill moment. But I'd been looking for an opportunity to re-engergize the risk team I had just taken over, give us some direction and really start to do more proactive risk assessment...
FAIR Institute Chairman and FAIR model creator Jack Jones gives a concise, high level view of the limitations of conventional thinking in the cybersecurity profession, and how FAIR and a quantitative approach to cyber risk shows the way forward, in this Enterprise Security Weekly podcast hosted by Paul Asadoorian.
Looking for a Quantitative Cyber Risk Specialist, a Risk Quantification Analyst or even a Senior Factor Analysis of Information Risk (FAIR) Analyst? It’s a sign of the rapid adoption of FAIR that organizations have recently been advertising for new hires with those titles
It’s an issue that comes up again and again at FAIR conferences, chapter meetings, webcasts or discussion boards: “I get the value of FAIR quantitative risk analysis – but I don’t know how or where I could start implementing it.”
You’ve tried your hand at running one-off scenarios with FAIR, say to identify your top risks – now learn an ongoing use for FAIR to monitor your key risk indicators (KRIs).
The FAIR Institute partnered with CyberVista, the leading cybersecurity education and workforce development company, in 2018—first project, an Institute-endorsed FAIR educational program for board executives.
New England FAIR Chapter Co-Chair, and Vice President for Enterprise Cybersecurity at Fidelity Investments, the giant ($7.4 trillion in customer assets) mutual fund company, Jim Robert has been a FAIR practitioner for three years.
The FAIR Institute hosted its annual FAIR Breakfast in San Francisco in conjunction with the RSA Conference, featuring a panel of experienced FAIR practitioners. Scroll down the page for the videos – watch for a wealth of tips on starting and running a quantitative risk analysis program.