Jack Jones wrote Understanding Cyber Risk Quantification: A Buyer’s Guide to help those looking to move up the evolutionary scale in risk management and communicate cyber risk in the non-technical, financial terms that business leaders demand.
Jeff B. Copeland
Recent Posts
Important Questions when Choosing a Cyber Risk Quantification Provider Part 2: Analytics & Reporting
[fa icon="calendar'] Apr 3, 2023 2:36:09 PM / by Jeff B. Copeland posted in Guides & Tips
Important Questions when Choosing a Cyber Risk Quantification Provider Part 1: Utility & Data
[fa icon="calendar'] Mar 29, 2023 1:02:21 PM / by Jeff B. Copeland posted in Guides & Tips
The new white paper Understanding Cyber Risk Quantification: A Buyer’s Guide by Jack Jones, creator of the FAIR™ standard, arms you with all the information you need to be make an informed choice on re-orienting your risk management program around financial analysis of cyber and technology risk
Educate Your Board, Build Support for Cyber Risk Quantification with the New NACD Director’s Handbook on Cyber-Risk Oversight
[fa icon="calendar'] Mar 28, 2023 12:31:03 PM / by Jeff B. Copeland posted in Guides & Tips
The new 2023 edition of the Director’s Handbook on Cyber-Risk Oversight from the National Association of Corporate Directors (NACD) and the Internet Security Alliance (ISA) educates board members on upgrading their oversight capability for cyber risk
Meet a Member: Brenda Thayer, Fannie Mae, on Applying FAIR to Shifting Markets
[fa icon="calendar'] Mar 27, 2023 2:23:50 PM / by Jeff B. Copeland posted in Meet a Member
Brenda Thayer, Senior Manager, Technology Risk, at Fannie Mae, the big mortgage finance organization, packs a lot of advice into this 10-minute conversation with FAIR Institute Director Luke Bader.
How to Achieve Quick Wins with FAIR Cyber Risk Quantification
[fa icon="calendar'] Mar 22, 2023 5:26:32 PM / by Jeff B. Copeland posted in Guides & Tips
In the eBook An Adoption Guide for FAIR, Jack Jones wrote, “there are two primary considerations when selecting a starting point for [FAIR™] adoption that has executive visibility: meaningful results, achieved quickly.
Jack Jones Seminars at RSA Conference 2023: Learn Cyber Risk Quantification from the Master
[fa icon="calendar'] Mar 22, 2023 10:42:36 AM / by Jeff B. Copeland posted in Events, Jack Jones
Jack Jones, creator of FAIR™, the standard model for quantifying cyber and operational risk, leads two seminars at the 2023 RSA Conference on Tuesday, April 25, from 8:30am to 10:30am and 1:15pm to 3:15pm PT.
Fear of Cyber Risk Quantification? Read This.
[fa icon="calendar'] Mar 8, 2023 8:45:00 AM / by Jeff B. Copeland posted in Guides & Tips
FUD & CRQ – As the leading advocates for FAIR, the standard for cyber risk quantification, we freely admit that uncertainty, doubt and even fear have dogged the introduction of CRQ
8 Goals for a Cyber Risk Management Program
[fa icon="calendar'] Feb 28, 2023 8:45:00 AM / by Jeff B. Copeland posted in Guides & Tips
In Understanding Cyber Risk Quantification: A Buyer’s Guide, (FAIR Institute Contributing membership required to view) Jack Jones, creator of the FAIR cyber risk quantification model, answers some fundamental questions about the purpose of a risk management program.
Jack Jones Releases New Edition of the CRQ Buyer’s Guide to Cut through Risk Quantification Hype (Q&A with Jack)
[fa icon="calendar'] Feb 27, 2023 9:00:00 AM / by Jeff B. Copeland posted in Guides & Tips
Looking to learn if cyber risk quantification (CRQ) is a good fit for your organization, then choose a CRQ solution? Well, good luck. The marketplace has been rapidly filling up with vendors loudly claiming that they provide CRQ.
Meet a Member: Pooya Alai, Senior Cybersecurity Risk Manager for Maersk on Unblocking the Decision Process with FAIR
[fa icon="calendar'] Feb 16, 2023 6:30:00 AM / by Jeff B. Copeland posted in Meet a Member
Pooya Alai, a Senior Cybersecurity Risk Manager for Maersk, the global shipping giant and integrator of logistics, came to FAIR™ (Factor Analysis of Information Risk) from a background in enterprise risk management (ERM), not IT, and his first reaction was “I can make something much more complicated than this.”