FAIR Institute Blog

Nicola (Nick) Sanna

Recent Posts

Takeaways from the Inaugural FAIR Conference 2016

Oct 27, 2016 5:00:00 PM / by Nicola (Nick) Sanna posted in FAIR, Risk Management, Events

October 14, 2016 marked the first ever gathering of information security and operational risk professionals at FAIR Conference.

Federal Reserve, OCC, FDIC Proposed Cyber Risk Management Standards Enhancements

Oct 26, 2016 8:00:00 AM / by Nicola (Nick) Sanna posted in FAIR, Risk Management

Enhanced cyber risk management standards

On Oct. 19, 2016, the three federal banking regulatory agencies released a series of proposed enhancements to cyber risk management standards that could result in new policy guidance or new stringent regulation. They are currently inviting comments before issuing a more detailed proposal for consideration.

Nominate Your FAIR Champions

Aug 31, 2016 5:03:58 PM / by Nicola (Nick) Sanna posted in FAIR, Events

Honoring Excellence in Information and Operational Risk Management

At the upcoming FAIR Conference 2016, the FAIR Institute will honor risk management leaders for their initiative, ingenuity and contributions to Information and Operational Risk Management. 

Save The Date For The 2016 FAIR Conference

Jun 8, 2016 12:00:00 PM / by Nicola (Nick) Sanna posted in FAIR, Events

We are happy to announce that the first ever FAIR Conference will take place in Charlotte, NC, at the Wake Forest University Charlotte Center on October 14, 2016. 'Queen City', here we come! 

The Inevitable Marriage Between Threat Intelligence and Risk Assessment

Mar 1, 2016 8:16:44 PM / by Nicola (Nick) Sanna posted in FAIR, Risk Management

I attended a very informative and engaging presentation at RSA Conference 2016 led by Wade Baker, VP Strategy and Risk Analytics at ThreatConnect and former lead for Verizon’s annual Data Breach Investigations Report (DBIR). 

The title of his session was "The Marriage of Threat Intelligence and Risk Assessment". In his presentation, he explored some fundamental questions such as: What is the relationship between threat intelligence and risk management? Many treat them as separate disciplines, but is that the way it should be? 

What Is a Cyber Value-at-Risk Model?

Jan 28, 2016 6:21:54 PM / by Nicola (Nick) Sanna posted in FAIR, Risk Management

Over the past year, executive teams and board members across multiple industries have started to ask questions more forcefully about the risk posed by cybersecurity attacks. They are no longer content with technical reviews of their security controls and are asking questions related to the business impact of cybersecurity attacks. How much cyber risk do we have? Are we spending too much or not enough? How much can we reduce risk with the proposed info security budget? Should we buy cyber-insurance? 

How to Communicate Cyber Risk to the Board

Jan 8, 2016 5:39:59 PM / by Nicola (Nick) Sanna posted in Risk Management

Do you dread reporting on cyber risk to the board? Have you ever felt that board members were left confused by your descriptions of cyber risk in terms of threats and vulnerabilities? Did your board members ever challenge your presentation and ask, "What does this mean to the business?"
