FAIR Institute Blog

Jeff B. Copeland

Jeff is the Content Marketing Manager for RiskLens.

Recent Posts

Considering FAIR? Listen to this CISO’s Journey to Quantification

[fa icon="calendar'] Jun 9, 2021 3:17:58 PM / by Jeff B. Copeland posted in FAIR

[fa icon="comment"] 0 Comments

We often talk about the “FAIR™ journey” up from qualitative, compliance-oriented, or other less disciplined forms of cyber risk management to Factor Analysis of Information Risk.

Read More [fa icon="long-arrow-right"]

“What They Didn’t Teach You in FAIR School” – Ground-level Insights on Building a Successful Quantitative Risk Analysis Program from Jack Whitsitt

[fa icon="calendar'] Jun 3, 2021 8:30:00 AM / by Jeff B. Copeland posted in FAIR, Member Content

[fa icon="comment"] 0 Comments

Jack Whitsitt has been a FAIR practitioner since 2016, built the quantitative risk analysis program at Bank of America and is now doing the same at Datto (the services provider to MSPs)

Read More [fa icon="long-arrow-right"]

Jack Jones Previews the FAIR Controls Analytics Model (FAIR-CAM) at the 2021 RSA Conference

[fa icon="calendar'] May 24, 2021 11:56:19 AM / by Jeff B. Copeland posted in Jack Jones, FAIR Controls Model

[fa icon="comment"] 0 Comments

Jack Jones, creator of Factor Analysis of Information Risk (FAIR™), the international standard for quantification of cyber risk, gave an RSAC21 audience a preview of his breakthrough FAIR Controls Analytics Model (FAIR-CAM) that will, for the first time, enable security teams to reliably evaluate how controls affect risk in quantitative terms.

Read More [fa icon="long-arrow-right"]

Watch the RSAC21 Seminar: Intro to Managing and Communicating Cyber Risk in Business Terms with FAIR

[fa icon="calendar'] May 18, 2021 11:00:19 AM / by Jeff B. Copeland posted in FAIR Training

[fa icon="comment"] 0 Comments

Learn the basics of Factor Analysis of Information Risk (FAIR™) and the case for risk quantification from FAIR creator Jack Jones, see FAIR analysis in action and hear practical tips

Read More [fa icon="long-arrow-right"]

FAIR Risk Terminology: ‘Vulnerability’ Is ‘Susceptibility’, the Open Group Says

[fa icon="calendar'] May 6, 2021 10:04:04 AM / by Jeff B. Copeland posted in Key Terms

[fa icon="comment"] 1 Comment

The Open Group Security Forum, the experts who maintain Factor Analysis of Information Risk (FAIR™) as the international standard for cyber risk quantification, recently updated the Open FAIR Body of Knowledge to clarify some risk terminology, including this statement:   

Read More [fa icon="long-arrow-right"]

Risk-Based GDPR Compliance with FAIR – Q&A with European Chapter Co-Chairs Christophe Foret and Tom Callaghan of C-Risk

[fa icon="calendar'] May 5, 2021 9:57:20 AM / by Jeff B. Copeland

[fa icon="comment"] 1 Comment

With the third anniversary coming up for enforcement of the EU’s General Data Protection Regulation (GDPR), it’s a good time to check in with our European FAIR Institute Chapter Co-Chairs for a read on the regulatory climate.

Read More [fa icon="long-arrow-right"]

FAIR Risk Basics: What Is Loss Magnitude?

[fa icon="calendar'] Apr 15, 2021 4:11:25 PM / by Jeff B. Copeland posted in FAIR

[fa icon="comment"] 5 Comments

Factor Analysis of Information Risk (FAIR™) defines “risk” in a way that’s both simple and useful.  

Risk = the probable frequency and probable magnitude of future loss

Read More [fa icon="long-arrow-right"]

White House Will Nominate Chris Inglis, Former NSA Deputy Director and FAIR Conference Speaker, to Be National Cyber Director

[fa icon="calendar'] Apr 13, 2021 11:25:21 AM / by Jeff B. Copeland posted in Government, Recognition for FAIR

[fa icon="comment"] 0 Comments

Pres. Biden announced his intention to nominate Chris Inglis for the new National Cyber Director role, coordinating cybersecurity across civilian agencies.

Read More [fa icon="long-arrow-right"]

Australia Holding Board Members Responsible for Cyber Risk Exposure – Sydney Chapter Co-Chair Denny Wan Explains How to Comply with FAIR

[fa icon="calendar'] Mar 24, 2021 7:42:00 AM / by Jeff B. Copeland posted in FAIR

[fa icon="comment"] 0 Comments

The Australian Prudential Regulation Authority (APRA), the licensing authority for banks, employer-sponsored retirement (“superannuation”) funds, financial services and insurance companies, is placing responsibility for cybersecurity squarely on board members

Read More [fa icon="long-arrow-right"]

Watch Out for these 5 ‘Cyber Risk Quantification’ Methods. They Don’t Support Cost-Effective Risk Management

[fa icon="calendar'] Mar 16, 2021 11:31:09 AM / by Jeff B. Copeland posted in Jack Jones

[fa icon="comment"] 0 Comments

As the popularity of cyber risk quantification (CRQ) grows, so grows the confusion in the marketplace about choosing the right cyber risk quantification solution among many with the CRQ label.  

Read More [fa icon="long-arrow-right"]
LEARN MORE