FAIR Institute Announces New Groups to Advance Research into Critical Issues of Cyber Risk Management

The FAIR Institute is excited to respond to the call by members by formally expanding our research agenda in 2024. 

FAIR-AIR Approach Playbook Cover Download“We listened to our members, and, as a result, the FAIR Institute is undergoing a transformation, prioritizing research into new risk analysis models to better address the industry’s challenges,” said Pankaj Goyal, Director, Standards and Research. “Our goal is to get actionable techniques validated by our community and into the hands of our members as quickly as possible.”

Leaders in our community have joined new workgroups and committees to help organizations meet developing analytics needs to

  • Evaluate the effectiveness of cybersecurity controls
  • Integrate compliance and risk management
  • Measure and determine materiality of cyber incidents and 
  • Assess emerging risks. 

We will also be continuing to develop and publish new FAIR™ standards with the goal of creating an independent technical standards development body to research, develop and validate the new standards. 

Here’s an overview of the new research structure at the FAIR Institute: 

Standards Committee

The Standards Committee maintains and governs the FAIR Taxonomy and Analytics Model as well as the standard extensions and other deliverables created by the Standards Working Groups, under the guidance of the Industry Research Boards.

The Standards Committee is composed of (voting) Committee Members and of (non-voting) Committee Advisors. 

Standards Committee Members 

  • Jack Jones, Chairman, FAIR Institute
  • Pankaj Goyal, Director, Standards and Research, FAIR Institute
  • Denny Wan, Sydney Chapter Chair, FAIR Institute'
  • Mike Radigan, Cyber Risk Advisor, Cisco

Standards Body Working Groups

Standards Working Groups are created to research and develop new standard taxonomies and analytics models, as well as other research on risk data. The current research agenda includes FAIR model validation and enhancements such as FAIR-CAM, FAIR-MAM and AI risk modeling.

The mission of the Standards Body Working Groups is to research new areas of extension of the FAIR model, data sources and formats, mapping to complementary models and frameworks. 

Examples of research projects include 

  • Modeling of loss data
  • Measurement of materiality
  • Measurement of controls effectiveness and mapping to risk
  • Threats-to-risk mapping
  • Assessing and managing third-party risk
  • Insurance underwriting. 

FAIRCON23 - AI Risk Posture Management copy-1GenAI Risk Standards Research Working Group

Vision: To accelerate the adoption of GenAI by businesses and individuals with confidence built by risk-informed decision making and help harness the  enormous power of AI technologies.

GenAI Risk Group Members

  • Brandon Sloane, Information Security Risk Management Lead, Meta
  • Omar Khawaja, VP Security, Field CISO, Databricks
  • Jacqueline Lego, Risk Advisory Manager, Safe Security
  • Pankaj Goyal, Director, Standards and Research, FAIR Institute
Brandon and Pankaj presented on AI Risk Posture Management at the 2023 FAIR Conference. 


Supply Chain Risk Standards Research Working Group

Vision: To reduce supply chain impact of cyber attacks by 3x by 2025

Supply Chain Risk Group Members

  • Mike Wilson, CISO, Molina Healthcare
  • Marek Jakubczak, Supplier Cybersecurity Risk and Assurance Director, GSK
  • Denny Wan, Sydney Chapter Chair, FAIR Institute
  • Erica Eager, Sr. Director, Risk Quantification, Safe Security
  • Pankaj Goyal, Director, Standards and Research, FAIR Institute


We encourage Institute Members to get involved by submitting relevant research topics to the working groups. Contact us

Join us at the 2024 FAIR Conference, October 1 and 2, in Washington, DC

Learn How FAIR Can Help You Make Better Business Decisions

Order today
image 37