FAIRCON24 Welcome Address: FAIR Institute’s New Roadmap to Success in CRQ (Video)
FAIR Institute President Nick Sanna and Managing Director Todd Tucker tag-teamed the Welcome Address to the 2024 FAIR Conference, in two talks that, taken together, presented a comprehensive view of the state of the FAIR movement and a new strategic roadmap for the FAIR Institute.
Watch the video: Welcome Address at FAIRCON2024
Join a live chat with Nick and Todd to discuss topics covered in the Welcome Address, Thursday, Nov. 7, 11:00 AM EST, Register now!
This is the first in a series of discussions recapping sessions at FAIRCON24. Discover insights from over 60 experts discussing third-party risk management, cyber risk reporting to the board, AI-related risks and more. You’ll have an opportunity to watch the FAIRCON session video and chat live with the presenters – come back to the FAIR Institute website for the latest webinar!
Nick Sanna on the Evolving State of the FAIR Movement
The FAIR Institute “started as a community of knowledge sharing…and before you knew it, it became something very big, an organization that actually changed an industry in a very fundamental way,” Nick said. Last year, we decided to become a research organization because many of you and your peers said we need to advance this discipline further.”
Some of the key points from Nick’s remarks:
>>The FAIR Institute has always aimed to stay close to the needs of those on the front lines of managing cyber risk. As FAIR practitioners matured, the need-to-know questions they posed to the Institute became increasingly ambitious, as Nick presented in this timeline:
From basic proof-of-concept quantification in 2016…to first steps at scaling beyond a few early adopters in 2019…to Jack Jones’s breakthrough development of the FAIR Controls Analytics Model in 2021…to today, automation and other techniques to fast-track cyber risk analysis in a super-competitive business environment.
Take a second look at the bar chart, though. More than a history lesson, this evolutionary track could describe the maturity curve of a single enterprise – where is your team on these bars?
>>Nick outlined several big-picture trends; in each case, the old playbook for compliance-driven risk management is not keeping up.
- Digital Transformation
- Continuous Increase in Cyber Incidents
- Increasing Regulation for Cyber on Disclosure, Privacy
- Growing Dependence on Third Parties
- Budget Optimizations
- M&A
- Adoption of AI
And he described the truly remarkable recent growth in capabilities built on the FAIR superstructure, from FAIR-CAM for assessing the effectiveness of controls to FAIR-MAM for sharper focus on quantifying loss magnitude to FAIR-TAM for risk management of third parties to nailing down the slippery field of risk management in Generative AI with FAIR-TAM.
Todd Tucker on the FAIR Institute’s New Goals for More Research, Education and Involvement for the Membership
Todd led the TBM Council, an organization for CIOs very like the FAIR Institute in its focus on driving business value with technology management - and he’s bringing those learnings to the Institute.
He presented four near-term initiatives.
1. Expand FAIR Institute ResearchDevelop an open, online CRQ framework to make knowledge more easily accessible
Develop Industry Research Boards – the industry-specific roundtables held at the 2024 FAIR Conference were a means to kick-start this initiative.
Develop a FAIR CRQM maturity model and benchmarking
2. Elevate FAIR to C-Suite and BoardAlready in development with a new FAIR introductory course for executives on Coursera. Todd also envisions FAIR education for board members.
3. Advance the ProfessionThe FAIR Institute will take on a new identity as the certification authority for competency for cyber risk executives, cyber risk officers and cyber risk analysts, in addition to certification for FAIR Fundamentals training. Todd made it clear that FAIR Institute training would be led by practitioners from the community, not professional trainers.
4. Engage and Expand the CommunityAlready a global organization with 16,000, the Institute has plenty of room to run. Todd envisioned a more formal support system for the chapters and alliances with other organizations in the field, among other steps.
Todd asked the FAIRCON audience to get more involved with the Institute as chapter hosts, trainers, content creators and members of research boards. “We can’t do this without you,” he said – and flashed the email address InvolveMe@FairInstitute.org on the screen.
Watch the video: Welcome Address at FAIRCON2024
Join a live chat with Nick and Todd to discuss topics covered in the Welcome Address, Thursday, Nov. 7, 11:00 AM EST, Register now!
Not yet a FAIR Institute member yet? Get involved now!