Jack Jones, creator of FAIR™ (Factor Analysis of Information Risk) and chief provocateur of the cyber risk quantification movement, speaks at the 2022 RSA Conference, Wednesday, June 8, in a morning seminar on the future of risk measurement.
The Future of Cybersecurity Risk Measurement
Seminar with Jack Jones
Wednesday, June 8
8:30 AM - 12:30 PM PT
Moscone South 301-302
Open to All Pass-holders
If you are new to FAIR, the session will provide an authoritative overview of the international standard for quantitative risk analysis plus a look at common use cases in analyzing and communicating risk with FAIR from an expert practitioner, Tony Martin-Vegue of Netflix.
Jack will also give an introduction and update for FAIR-CAM™, the new model for quantifying the effectiveness of risk management controls and control systems.
Jack Jones’ View of the Future of Cyber and Technology Risk Measurement and Management
“Many people know that the risk measurement we’ve been doing as a profession is not every effective,” Jack says. “That’s not to be viewed as shameful; it’s part of normal evolution for any profession. We should embrace opportunities to evolve and become the best we can be.”
Also at the 2022 RSA Conference:
FAIR Analysis Fundamentals Training
Sunday, June 5 - Monday, June 6
9 AM – 5 PM PT
“The future of risk measurement should focus on better accuracy, better timeliness and lower cost of execution,” Jack will explain at the seminar. FAIR quantitative analysis is a major step forward to solving the accuracy problem. Automation of risk analysis and eventually AI will solve for timeliness and cost; controls analytics with FAIR-CAM will play a leading role in that movement forward.
“I’m optimistic for the future of risk measurement, but it will not be smooth sailing,” he says. “The path forward represents a significance change in processes, technologies and beliefs, and beliefs in particular don’t change easily. Unless, of course, the need is great enough, and that’s part of what I’ll be talking about as well.”
Join Jack June 8 at the RSA Conference for a look into The Future of Cybersecurity Risk Measurement.