FAIR Institute Blog

FAIR™ Analysis Case Study Webinar: Decrease Risk from Employees Working at Home

[fa icon="calendar"] Apr 9, 2020 8:29:56 AM / by Jeff B. Copeland

Work From Home -1Here’s a timely topic, with an army of office workers moved over to working at home due to the pandemic. In this short webinar (watch it below), Risk Consultant Christina Dulovich walks you through a FAIR™ analysis she performed for a client through the RiskLens platform, on a risk scenario that’s probably very common right now: employees exporting PII to a cloud-hosted site for non-malicious reasons (like getting off an overloaded VPN to work more efficiently). Non-malicious, but still potentially costly in terms of customer lawsuits and remediation costs.  


Watch the webinar now: Decrease Risk from Employees Working from Home

FAIR Institute membership and participation in the LINK discussion board required. 

Join the Institute now!


Christina Dulovich RiskLens Risk Consultant-1The client, a large technology company, wanted to know its baseline risk and how much two alternative controls – a DLP solution vs. blocking access to cloud sites -- might reduce the risk in dollar terms. Before turning to FAIR analysis, the company would have been clueless with its high-medium-low, non-quantitative methods. 

In clear language  (with charts) Christina will show you how she handled the four steps of a FAIR analysis: 

  1. ID baseline events, using the company’s known data on cyber incidents
  2. Determine the relevant factors of the FAIR model impacted 
  3. On the RiskLens platform, update the baseline analysis for FAIR factors impacted by adding controls (DLP would reduce number of records that could be exported vs. cloud host block would reduce the frequency of events, or Vulnerability, in FAIR terms).
  4. Compare probable loss exposure reduction vs investment for the two alternatives.  

As Christina sums it up, “from the DLP, we could see a great reduction, just coming from the numbers of records that could be breached vs all of the possible PII records that individual has access to. Our cloud hosting block had an even greater risk reduction that was reducing the frequency of the event happening at all…

“You’e able to compare that per event reduction to the overall investment, so let's say that it cost several million to implement the cloud block, you could flesh that out and really see in dollars and cents was the juice worth the squeeze, should we go ahead, and what is our best option to reduce our cyber risk from this particular loss event.”

FAIR Case Study Webinar Work from Home 2


Watch the webinar now: Decrease Risk from Employees Working from Home

(FAIR Institute membership required)


 

Related:

Jack Jones on How the COVID-19 Pandemic Is Likely to Affect Cybersecurity Programs

Podcast: Jack Freund on the Role for FAIR™ Risk Analysts in Business Continuity Planning for Coronavirus

 

Topics: FAIR, Case Studies

Jeff B. Copeland

Written by Jeff B. Copeland

Jeff is the Content Marketing Manager for RiskLens.

Join the FAIR Community