FAIR Institute Blog

Tim Wynkoop

Tim Wynkoop is a Risk Analyst for RiskLens

Recent Posts

Managing a Cyber Risk Program in an Ever-Evolving Threat Landscape

[fa icon="calendar'] Sep 5, 2019 1:22:18 PM / by Tim Wynkoop posted in Risk Management

[fa icon="comment"] 0 Comments

With the skills and resources of attackers constantly improving, is cyber risk management a hopeless endeavor? Working with CISOs and risk management teams as a FAIR consultant, this is a question I get asked from time to time and, in short, the answer is no, if you follow these three best practices:

Read More [fa icon="long-arrow-right"]

3 Key Metrics in Cyber Risk Analytics

[fa icon="calendar'] Jan 15, 2019 11:50:47 AM / by Tim Wynkoop posted in FAIR

[fa icon="comment"] 0 Comments

I have had the privilege or the curse of working with metrics--depending on which side of the fence you are on--through the course of my career.  I have tended to lean towards the latter. 

Read More [fa icon="long-arrow-right"]

Loss Event Frequency Explained in 3 Minutes [Video]

[fa icon="calendar'] Nov 14, 2017 10:18:11 AM / by Tim Wynkoop posted in FAIR

[fa icon="comment"] 0 Comments

With large companies under near constant attack from malware, phishing, and hacking attempts, getting an estimate on cybersecurity risk means reaching a clear understanding of how many of the massive number of threats actually turn into losses.

Read More [fa icon="long-arrow-right"]

'Vulnerability' in Risk Analysis, Explained in 2 Minutes [Video]

[fa icon="calendar'] Sep 27, 2017 3:36:37 PM / by Tim Wynkoop posted in FAIR

[fa icon="comment"] 1 Comment

Precise definitions of the factors that go into an accurate risk analysis – that may be the bottom line advantage of the FAIR approach.  For a great example, take Vulnerability, loosely defined as "weakness" most often, but FAIR gives it a focussed and more useful meaning: “the probability that a threat event will become a loss event.”  

Read More [fa icon="long-arrow-right"]

What Makes a Good Risk Analyst?

[fa icon="calendar'] Jun 9, 2017 6:13:15 AM / by Tim Wynkoop posted in FAIR, Risk Management

[fa icon="comment"] 3 Comments

If you’re looking to hire a cyber risk analyst – or if you are a risk analyst looking to up your game – I recommend reading Jack Jones’ new eBook An Executive’s Guide to Cyber Risk Economics where you’ll find the definitive checklist of skills required to do reliable risk analysis. 

Read More [fa icon="long-arrow-right"]

Subscribe to Email Updates

Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts