Watch the video of Nick’s welcome address to FAIRCON22.
A FAIR Institute Contributing Membership is required - join now!
Nick listed 10 reasons why Factor Analysis of Information Risk (FAIR™) is the standard for cyber risk quantification (CRQ):
1. Close to 14,000 are FAIR Institute members, from 139 countries and more than half the Fortune 1000
2. 10,000+ have taken FAIR training
3. 1,200 have achieved Open FAIR™ Certification as FAIR analysts
4. 25 universities offer courses covering FAIR and CRQ
5. A model Independently evaluated and vetted by the Open Group.
6. Adopted by 25 vendors offering software, services, data, and training. (Nick is CEO of RiskLens, creator of a SaaS platform for FAIR-based risk management.)
7. Open and defensible, in contrast to an increasing field of solutions that claim to perform quantitative risk analysis but use proprietary, black-box models.
8. Analytics across risk domains, including operational risk, a flexibility many organizations value so they can unify risk management processes.
9. Value-at-risk (VaR) analyses, empowering simulation and forecasting
10. Added value to risk and control frameworks as an analytics model to assess which among the recommended best practices or controls will provide the most risk reduction, measured in financial terms.
Nick said that the Institute wants to satisfy increasing requests from the FAIR community for industry studies, how-to guides, benchmark data, mapping to standards and frameworks, advocacy work and more. He announced that the Institute would add a new membership tier; for a small fee, Contributing Members will have access to all the resources of the Institute and other privileges (get the full details here). “Contributing Members allow us to set a foundation for resource development,” Nick said.
Nick also announced a Slack channel as a platform for better information sharing and networking among Contributing Members, and a new, user-friendly Resource Center, exclusive to Contributing Members. (Free FAIR Institute memberships will continue, with limited access to resources.)