How to Build a Great Foundation for a FAIR Cyber Risk Quantification Program – Learn from Netflix
“The foundation is really important for the growth and maturity of a FAIR program, even if it takes a long time for people to be convinced about risk quantification.”
That’s the advice of Prashanthi Koutha, Senior Risk Engineer at Netflix. The first goal for the Netflix team’s FAIR implementation “was to look at the existing risk program and add rigor – not to change the mindset and transition to cyber risk quantification immediately. The only goal is, are we doing better today than yesterday.”
Prashanthi joins Tony Martin-Vegue, Senior Information Security Risk Engineer at Netflix for a presentation at the upcoming FAIR Conference (FAIRCON21):
Fireside Chat - How to Get a FAIR Program Off the Ground, Tuesday, October 19, 1:15-1:45 PM ET
Netflix is about two years into FAIR adoption. The team’s first step was to introduce FAIR concepts and terminology to the discussion of risk, and carefully work FAIR analysis into decision workflows, while building trust in the program as stakeholders see risk becoming more accessible and actionable. The next step will be to fully transition to FAIR for all risk scenarios.
Learn more from the Netflix FAIR team:
Tony Martin-Vegue presented the webinar Common Uses Cases of FAIR Analysis - Beginner Chapter Meeting, now on our LINK discussion board. A (free) FAIR Institute membership is required. Sign up for membership now.