The FAIR Institute is excited to respond to the call by members by formally expanding our research agenda in 2024.
“We listened to our members, and, as a result, the FAIR Institute is undergoing a transformation, prioritizing research into new risk analysis models to better address the industry’s challenges,” said Pankaj Goyal, Director, Standards and Research. “Our goal is to get actionable techniques validated by our community and into the hands of our members as quickly as possible.”
Leaders in our community have joined new workgroups and committees to help organizations meet developing analytics needs to
- Evaluate the effectiveness of cybersecurity controls
- Integrate compliance and risk management
- Measure and determine materiality of cyber incidents and
- Assess emerging risks.
We will also be continuing to develop and publish new FAIR™ standards with the goal of creating an independent technical standards development body to research, develop and validate the new standards.
Here’s an overview of the new research structure at the FAIR Institute:
Standards Committee
The Standards Committee maintains and governs the FAIR Taxonomy and Analytics Model as well as the standard extensions and other deliverables created by the Standards Working Groups, under the guidance of the Industry Research Boards.
The Standards Committee is composed of (voting) Committee Members and of (non-voting) Committee Advisors.
Standards Committee Members
- Jack Jones, Chairman, FAIR Institute
- Pankaj Goyal, Director, Standards and Research, FAIR Institute
- Denny Wan, Sydney Chapter Chair, FAIR Institute'
- Mike Radigan, Cyber Risk Advisor, Cisco
Standards Body Working Groups
Standards Working Groups are created to research and develop new standard taxonomies and analytics models, as well as other research on risk data. The current research agenda includes FAIR model validation and enhancements such as FAIR-CAM, FAIR-MAM and AI risk modeling.
The mission of the Standards Body Working Groups is to research new areas of extension of the FAIR model, data sources and formats, mapping to complementary models and frameworks.
Examples of research projects include
- Modeling of loss data
- Measurement of materiality
- Measurement of controls effectiveness and mapping to risk
- Threats-to-risk mapping
- Assessing and managing third-party risk
- Insurance underwriting.
GenAI Risk Standards Research Working Group
Vision: To accelerate the adoption of GenAI by businesses and individuals with confidence built by risk-informed decision making and help harness the enormous power of AI technologies.
GenAI Risk Group Members
- Brandon Sloane, Information Security Risk Management Lead, Meta
- Omar Khawaja, VP Security, Field CISO, Databricks
- Jacqueline Lego, Risk Advisory Manager, Safe Security
- Pankaj Goyal, Director, Standards and Research, FAIR Institute
Supply Chain Risk Standards Research Working Group
Vision: To reduce supply chain impact of cyber attacks by 3x by 2025
Supply Chain Risk Group Members
- Mike Wilson, CISO, Molina Healthcare
- Marek Jakubczak, Supplier Cybersecurity Risk and Assurance Director, GSK
- Denny Wan, Sydney Chapter Chair, FAIR Institute
- Erica Eager, Sr. Director, Risk Quantification, Safe Security
- Pankaj Goyal, Director, Standards and Research, FAIR Institute
We encourage Institute Members to get involved by submitting relevant research topics to the working groups. Contact us.
Join us at the 2024 FAIR Conference, October 1 and 2, in Washington, DC
