What’s the most valuable control for risk reduction in your cybersecurity stack? The least valuable? Your team probably has opinions, but no hard, quantitative data to make a business case.
That’s the knowledge gap that Jack Jones, creator of FAIR™, the international standard for cyber risk quantification, aims to fill with the FAIR Controls Analytics Model (FAIR-CAM™). He will introduce this complementary model at the 2021 FAIR Conference, the premiere, global, quantitative risk management conference, to be held virtually on October 19-20. Jack will present both a speech and a white paper on FAIR-CAM.
Join Jack at the virtual FAIRCON21 on Oct. 20, 12:30 PM, to get the details on FAIR-CAM.
Conference tickets are free to FAIR Institute members until Oct. 1.Join the FAIR Institute (also free to qualified professionals).
FAIR-CAM is an extension of FAIR that makes cyber risk quantification even more useful as a decision support tool. FAIR quantifies the probable frequency and magnitude (in dollar terms) of cyber loss events; FAIR-CAM quantifies the effectiveness of controls for reducing that frequency and magnitude. Combining the two enables risk and security organizations to measure the risk reduction value of controls and controls systems more easily and reliably.
FAIR-CAM maps to all the popular controls frameworks, such as NIST, ISO, and CIS, and will help security teams get more value from frameworks. Rather than conducting simple gap analysis, teams can make well-informed choices among the controls recommended by the frameworks, based on quantifiable risk reduction.
Don’t miss hearing Jack present the FAIR Controls Analytics Model and asking him your questions – register now for the 2021 FAIR Conference. Conference tickets are free to FAIR Institute members until Oct. 1.