FAIR Institute Blog

Jeff B. Copeland

Jeff is the Content Marketing Manager for RiskLens.

Recent Posts

No Time to Talk Cyber Risk, Senior Executives Say

[fa icon="calendar'] Sep 19, 2019 8:14:00 AM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 0 Comments

In a new survey for Microsoft and insurance broker Marsh, only 17% of the senior executives surveyed said they spent more than a few days cumulatively over the past year on cyber risk. More than half, 51%, spent several hours or less. Yet 80% of organizations ranked cyber risk as a top-five concern.

Read More [fa icon="long-arrow-right"]

Creating a Cyber Risk Intelligence Framework with FAIR – Jack Freund in ISSA Journal

[fa icon="calendar'] Sep 17, 2019 8:45:00 AM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 1 Comment

In an important article for ISSA Journal, Jack Freund, PhD, co-author of the FAIR book, Measuring and Managing Information Risk, introduces the concept of a Cyber Risk Intelligence Framework that combines four standard frameworks, including FAIR

Read More [fa icon="long-arrow-right"]

NIST Maps FAIR to the CSF - Big Step Forward in Acceptance of Cyber Risk Quantification

[fa icon="calendar'] Sep 13, 2019 9:01:00 AM / by Jeff B. Copeland posted in FAIR, Risk Management

[fa icon="comment"] 1 Comment

Today marks a milestone in FAIR history as NIST has formally published FAIR as an Informative Reference to the NIST CSF, the most widely used cybersecurity framework in the U.S. This means that there is mapping between FAIR and the NIST CSF standard in the sections covering risk analysis and risk management.

Read More [fa icon="long-arrow-right"]

Jack Freund in ISACA Blog: Stop Telling Yourself Risk Management Stories

[fa icon="calendar'] Sep 6, 2019 8:45:00 AM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 0 Comments

FAIR book co-author Jack Freund, PhD, recently spoke with the risk management team at a large retailer with a firm belief that “organizational apocalypse will occur if the website goes down.” A FAIR analyst on staff ran the numbers on the potential impact of a site outage – and found no apocalypse, just a manageable problem.

Read More [fa icon="long-arrow-right"]

NIST CSF and FAIR Integration at Cimpress Called “Success Story” by NIST

[fa icon="calendar'] Sep 3, 2019 3:16:01 PM / by Jeff B. Copeland posted in FAIR, FAIR Conference 2019

[fa icon="comment"] 0 Comments

Using the FAIR model, forward-thinking CISOs are applying quantitative financial analysis of cyber risk to the recommendations generated by the NIST Cybersecurity Framework. FAIR analysis shows how to prioritize among the recommended best practices in the CSF to maximize investment  

Read More [fa icon="long-arrow-right"]

Congressional Cybersecurity Leader Rep. Jim Langevin to Speak at 2019 FAIR Conference

[fa icon="calendar'] Aug 23, 2019 8:45:00 AM / by Jeff B. Copeland posted in FAIR Conference 2019

[fa icon="comment"] 0 Comments

Congressman Jim Langevin, a pioneer in cybersecurity legislation and oversight, will speak at the 2019 FAIR Conference, to be held September 24-25 in National Harbor, MD, outside Washington.

Read More [fa icon="long-arrow-right"]

FedScoop: “Increasingly, Federal Agencies Are Joining Industry” in Cyber Risk Quantification

[fa icon="calendar'] Aug 19, 2019 12:32:49 PM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 0 Comments

In an article just out on FedScoop, Why government is slow to endorse frameworks for quantifying cybersecurity risk, Dave Nyczepir reports that, while qualitative, red-yellow-green approaches risk still dominate, the move to FAIR-based, quantification-driven risk management  is well underway among federal agencies

Read More [fa icon="long-arrow-right"]

[Video] 4 Tips for Starting Your FAIR Program from Musso Shaikh of Fannie Mae

[fa icon="calendar'] Aug 7, 2019 10:44:22 AM / by Jeff B. Copeland posted in FAIR, Events

[fa icon="comment"] 0 Comments

Attendees at the FAIR Institute Breakfast during the recent Gartner Summit on Security and Risk Management heard tales of three successful FAIR cyber risk quantification programs from Matthew Martin of LPL Financial, Robert Immella of Key Bank and, lastly, Musso Shaikh, Program Manager, Cyber Threat Intelligence, at Fannie Mae, the big provider of mortgage financing.

Read More [fa icon="long-arrow-right"]

Capital One Breach Shows Cybersecurity Is “Lost in Noise”,  Jack Jones Tells New York Times

[fa icon="calendar'] Aug 1, 2019 8:13:20 AM / by Jeff B. Copeland posted in FAIR, Jack Jones

[fa icon="comment"] 0 Comments

New York Times reporters Stacy Cowley and Nicole Perlroth turned to FAIR Institute Chairman and RiskLens Chief Risk Scientist Jack Jones to answer the question, why are big banks in an Endless Fight with Hackers, as their article on the massive Capital One breach asks. 

Read More [fa icon="long-arrow-right"]

GAO Grades Federal Agencies ‘Fail' on Cyber Risk, Accelerating Movement to FAIR

[fa icon="calendar'] Jul 30, 2019 4:50:39 PM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 0 Comments

It’s a devastating report from the Government Accountability Office that should accelerate the movement to cyber risk quantification (CRQ) and the FAIR model, already underway at the Department of Energy.

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts