FUD & CRQ – As the leading advocates for FAIR, the standard for cyber risk quantification, we freely admit that uncertainty, doubt and even fear have dogged the introduction of CRQ
Jeff B. Copeland
Recent Posts
Fear of Cyber Risk Quantification? Read This.
[fa icon="calendar'] Mar 8, 2023 8:45:00 AM / by Jeff B. Copeland posted in Guides & Tips
8 Goals for a Cyber Risk Management Program
[fa icon="calendar'] Feb 28, 2023 8:45:00 AM / by Jeff B. Copeland posted in Guides & Tips
In Understanding Cyber Risk Quantification: A Buyer’s Guide, (FAIR Institute Contributing membership required to view) Jack Jones, creator of the FAIR cyber risk quantification model, answers some fundamental questions about the purpose of a risk management program.
Jack Jones Releases New Edition of the CRQ Buyer’s Guide to Cut through Risk Quantification Hype (Q&A with Jack)
[fa icon="calendar'] Feb 27, 2023 9:00:00 AM / by Jeff B. Copeland posted in Guides & Tips
Looking to learn if cyber risk quantification (CRQ) is a good fit for your organization, then choose a CRQ solution? Well, good luck. The marketplace has been rapidly filling up with vendors loudly claiming that they provide CRQ.
Meet a Member: Pooya Alai, Senior Cybersecurity Risk Manager for Maersk on Unblocking the Decision Process with FAIR
[fa icon="calendar'] Feb 16, 2023 6:30:00 AM / by Jeff B. Copeland posted in Meet a Member
Pooya Alai, a Senior Cybersecurity Risk Manager for Maersk, the global shipping giant and integrator of logistics, came to FAIR™ (Factor Analysis of Information Risk) from a background in enterprise risk management (ERM), not IT, and his first reaction was “I can make something much more complicated than this.”
Meet a Member – Darren Kane, CSO at Australia’s nbn, on Expanding Your Outlook on Security with FAIR
[fa icon="calendar'] Jan 24, 2023 10:10:39 AM / by Jeff B. Copeland posted in Meet a Member
If you’re a CISO or other security or risk professional looking to grow your opportunities, Darren Kane has a message for you: “The idea of a person accountable for security saying I only look after security, all that other (business) stuff doesn’t truly impact on me, it doesn’t work like that anymore
The Good News: World Economic Forum Finds CISOs and Boards Talking More
[fa icon="calendar'] Jan 19, 2023 8:39:28 AM / by Jeff B. Copeland posted in Risk Management
If you want to know what your board directors are hearing about cybersecurity, you’ll probably get a good idea from the research by the World Economic Forum, host of the Davos Conference
6-Point Checklist to Launch a FAIR Quantitative Risk Management Program
[fa icon="calendar'] Jan 12, 2023 6:30:00 AM / by Jeff B. Copeland posted in FAIR Program Launch
The recent Cyber Risk Quantification Landscape, Q4 2022 by Forrester called it a trend -- "Firms in this market…report customers making the transition from experimentation to a more programmatic approach to CRQ”
Gartner Survey Finds Widespread Planning, Adoption of Cyber Risk Quantification, Depending on How You Define CRQ
[fa icon="calendar'] Jan 11, 2023 12:11:26 PM / by Jeff B. Copeland
A recent survey of security and risk management executives by the leading tech consultancy Gartner -- Benchmarking Cyber-Risk Quantification – finds widespread planning and adoption of cyber risk quantification (CRQ) but also points out confusion in the marketplace as to what exactly is CRQ.
Phil Venables’ 9 Ways to Report Cybersecurity Success – Plus 1 for Risk Quantification
[fa icon="calendar'] Jan 4, 2023 11:08:18 AM / by Jeff B. Copeland posted in Guides & Tips
Cybersecurity wise man Phil Venables – CISO for Google Cloud, Member of the President's Council of Advisors on Science and Technology (PCAST) -- and many more achievements – recently wrote a blog post to help security leaders report on their performance.
Most Popular Blog Posts Published in 2022, Starring Jack Jones, Controls Analytics, 2 FAIRCON’s and Debunking Misinformation about CRQ
[fa icon="calendar'] Dec 27, 2022 11:07:48 AM / by Jeff B. Copeland posted in Guides & Tips
FAIR Institute members were served in 2022 a banquet of blog posts, videos and other content for learning, practicing, evangelizing and defending risk quantification with Factor Analysis of Information Risk (FAIR™).