Jack Jones wrote Understanding Cyber Risk Quantification: A Buyer’s Guide to help those looking to move up the evolutionary scale in risk management and communicate cyber risk in the non-technical, financial terms that business leaders demand.
Recent Posts
Important Questions when Choosing a Cyber Risk Quantification Provider Part 2: Analytics & Reporting
The new white paper Understanding Cyber Risk Quantification: A Buyer’s Guide by Jack Jones, creator of the FAIR™ standard, arms you with all the information you need to be make an informed choice on re-orienting your risk management program around financial analysis of cyber and technology risk
The new 2023 edition of the Director’s Handbook on Cyber-Risk Oversight from the National Association of Corporate Directors (NACD) and the Internet Security Alliance (ISA) educates board members on upgrading their oversight capability for cyber risk
Brenda Thayer, Senior Manager, Technology Risk, at Fannie Mae, the big mortgage finance organization, packs a lot of advice into this 10-minute conversation with FAIR Institute Director Luke Bader.
In the eBook An Adoption Guide for FAIR, Jack Jones wrote, “there are two primary considerations when selecting a starting point for [FAIR™] adoption that has executive visibility: meaningful results, achieved quickly.
Jack Jones, creator of FAIR™, the standard model for quantifying cyber and operational risk, leads two seminars at the 2023 RSA Conference on Tuesday, April 25, from 8:30am to 10:30am and 1:15pm to 3:15pm PT.
FUD & CRQ – As the leading advocates for FAIR, the standard for cyber risk quantification, we freely admit that uncertainty, doubt and even fear have dogged the introduction of CRQ
In Understanding Cyber Risk Quantification: A Buyer’s Guide, (FAIR Institute Contributing membership required to view) Jack Jones, creator of the FAIR cyber risk quantification model, answers some fundamental questions about the purpose of a risk management program.
Looking to learn if cyber risk quantification (CRQ) is a good fit for your organization, then choose a CRQ solution? Well, good luck. The marketplace has been rapidly filling up with vendors loudly claiming that they provide CRQ.
Pooya Alai, a Senior Cybersecurity Risk Manager for Maersk, the global shipping giant and integrator of logistics, came to FAIR™ (Factor Analysis of Information Risk) from a background in enterprise risk management (ERM), not IT, and his first reaction was “I can make something much more complicated than this.”
