CISO Omar Khawaja built a highly rated security program for Highmark Health, the major manager of health plans and hospitals – but something was missing, he told Health IT Security in a recently published interview.
(We just added the video so you can watch in its entirety this significant speech looking back and forward on US government cybersecurity policy. Watch the video now. FAIR Institute membership and LINK community site registration -- both free-- required to view the video.)
Last week’s 2019 FAIR Conference in National Harbor, MD, drew a record crowd of enthusiastic practitioners and learners of FAIR quantitative risk analysis. thorough media coverage of the event spread the word to a wider audience that risk management, particularly on the cyber side, is undergoing a fundamental change for the better
Like Day One of FAIRCON19, the second day of the FAIR Institute’s annual gathering covered a wide range of top-of-mind topics for cybersecurity and risk professionals
The theme of the 2019 FAIR Conference that kicked off Tuesday is "How to Build a Quantitative Risk Management Program with FAIR" and comes with plenty of signs that the FAIR movement is pushing forward into wide acceptance
FAIR Institute Chairman and FAIR model creator Jack Jones started his keynote for the 2019 FAIR Conference at National Harbor, MD, with a question: “What’s the cost of a $5 million risk management program?” all in with salaries, services, technology, etc. Much more than you think, Jack pointed out.
SC Media has awarded FAIR Institute Chairman Jack Jones with the SC Media Reboot Leadership Award in the Non-Profit Founders category. Jack is the creator of Factor Analysis of Information Risk, the FAIR model for risk quantification that is indeed rebooting risk management
In a new survey for Microsoft and insurance broker Marsh, only 17% of the senior executives surveyed said they spent more than a few days cumulatively over the past year on cyber risk. More than half, 51%, spent several hours or less. Yet 80% of organizations ranked cyber risk as a top-five concern.
In an important article for ISSA Journal, Jack Freund, PhD, co-author of the FAIR book, Measuring and Managing Information Risk, introduces the concept of a Cyber Risk Intelligence Framework that combines four standard frameworks, including FAIR
Today marks a milestone in FAIR history as NIST has formally published FAIR as an Informative Reference to the NIST CSF, the most widely used cybersecurity framework in the U.S. This means that there is mapping between FAIR and the NIST CSF standard in the sections covering risk analysis and risk management.