FUD & CRQ – As the leading advocates for FAIR, the standard for cyber risk quantification, we freely admit that uncertainty, doubt and even fear have dogged the introduction of CRQ
Recent Posts
In Understanding Cyber Risk Quantification: A Buyer’s Guide, (FAIR Institute Contributing membership required to view) Jack Jones, creator of the FAIR cyber risk quantification model, answers some fundamental questions about the purpose of a risk management program.
Looking to learn if cyber risk quantification (CRQ) is a good fit for your organization, then choose a CRQ solution? Well, good luck. The marketplace has been rapidly filling up with vendors loudly claiming that they provide CRQ.
Pooya Alai, a Senior Cybersecurity Risk Manager for Maersk, the global shipping giant and integrator of logistics, came to FAIR™ (Factor Analysis of Information Risk) from a background in enterprise risk management (ERM), not IT, and his first reaction was “I can make something much more complicated than this.”
Meet a Member – Darren Kane, CSO at Australia’s nbn, on Expanding Your Outlook on Security with FAIR
If you’re a CISO or other security or risk professional looking to grow your opportunities, Darren Kane has a message for you: “The idea of a person accountable for security saying I only look after security, all that other (business) stuff doesn’t truly impact on me, it doesn’t work like that anymore
If you want to know what your board directors are hearing about cybersecurity, you’ll probably get a good idea from the research by the World Economic Forum, host of the Davos Conference
The recent Cyber Risk Quantification Landscape, Q4 2022 by Forrester called it a trend -- "Firms in this market…report customers making the transition from experimentation to a more programmatic approach to CRQ”
A recent survey of security and risk management executives by the leading tech consultancy Gartner -- Benchmarking Cyber-Risk Quantification – finds widespread planning and adoption of cyber risk quantification (CRQ) but also points out confusion in the marketplace as to what exactly is CRQ.
Cybersecurity wise man Phil Venables – CISO for Google Cloud, Member of the President's Council of Advisors on Science and Technology (PCAST) -- and many more achievements – recently wrote a blog post to help security leaders report on their performance.
FAIR Institute members were served in 2022 a banquet of blog posts, videos and other content for learning, practicing, evangelizing and defending risk quantification with Factor Analysis of Information Risk (FAIR™).
