by Jeff B. Copeland
The Risk.net article by Tom Osborn catalogues the list of tough problems for bank operational risk managers who want to model cyber risk:
Osborn writes that financial institutions turn to FAIR because "the approach provides a straightforward map of risk factors and their interrelationships, with its outputs then used to inform a quantitative analysis, such as Monte Carlo simulations or a sensitivities-based analysis."
Read the Risk.net article Modeling cyber risk: FAIR's fair? (registration required).
For an in-depth guide to educating executive management about the value of the FAIR model and quantitative risk analysis, read the eBook An Executive’s Guide to Cyber Risk Economics.