Among the themes that generated the most interest:
>>Jack Jones, creator of FAIR. As usual, Jack was the force behind so much of the thought leadership on the FAIR Institute site, explaining basic concepts of quantification, advancing the new FAIR Controls Analytics Model (FAIR-CAM™) and responding to the rash of product marketing that broke out in 2022 making claims to perform quantification with just-trust-us proprietary models. Read blog posts by and about Jack Jones.
>>Two FAIR Conferences (FAIRCON22) -- a light version in the Spring and the magnum version in the Fall -- with 46 blog posts (and more videos in the Member Resources Library open to FAIR Institute Contributing Members), covering the amazing range of presentations from FAIR community members. Join the FAIR Institute now.
>>Excitement in the community continued to run high for FAIR-CAM, the intellectual breakthrough in cybersecurity controls management, closely related to the next topic…>>Automating Cyber Risk Quantification. Jack wrote a five-part blog post series, a timely and significant contribution to point the way forward for CRQ.
1. Attacking FAIR - A Reply by Jack Jones (tie)
1. Jack Jones Rebuts ‘FAIR Fatigue’, an Article Filled with Misrepresentations of FAIR (tie)
2. Identifying the Right Risk Scenarios to Measure with FAIR (Institute Member Raksha Shenoy, Equinix))
4. Jack Jones: Automating Cyber Risk Quantification
5. 3 New Ways to Think about Cybersecurity Controls (FAIR-CAM)
6. 10 Reasons Why FAIR Is the Standard for Cyber Risk Quantification (Infographic)
7. 7 Basic Tools for FAIR Cyber Risk Analysis
10. FAIR vs. Proprietary Cyber Risk Analysis Models: What’s the Difference? Jack Jones Explains
11. Understanding and Managing Skeptical Stakeholder Reaction to Quantitative Cyber Risk Analysis (Institute Member Caleb Juhnke, Equinix)