Second in a series of interviews of attendees at last year’s FAIR Conference, we asked three FAIR Institute members for quick notes on their experiences getting started and proving the value in cyber risk quantification.
Meet 3 FAIR Institute Members from Raytheon, Allstate and Pacific Northwest Laboratory [Video]
Jake Hoban
Head of Technology Risk
Visa Europe
“Typically, you get people in a room talking about risk and everyone’s got a different question in their heads. With FAIR, everything’s out in the open, there’s no black box. You clarify your assumptions. If someone doesn’t like the assumptions, you run the model again and see how the outcome differs.”
Register now for the 2019 FAIR Conference, National Harbor, MD, near Washington, DC, September 24 and 25, 2019. On-site FAIR training (beginner and advanced) September 22-23.
Geri Fultz
Technical Manager
Scotts Miracle-Gro
“Take it slow. Don’t try to make the best thing that ever came along, and present it as the best thing that ever came along as soon as you get it. People will feel that some of their turf might be stepped on a little bit. So just be gentle with folks and keep presenting the numbers.”
Dave Wolf
CISO
HomeStreet Bank
“I’ve conducted one official FAIR analysis so far about a product that we wanted to roll out and had a lot of uncertainty around the loss we were going to have with it. I presented the analysis to our executive committee and it went really well. They had some questions--like “Where did you come up with these numbers?”--and I walked them through my thought process and assumptions and they were pleased with it. They said, 'So if we actually do get the point where we experience X number of losses then we’re going to shut down this project'.”
Read more blog coverage of the 2018 FAIR Conference
Join the FAIR Institute and our Link community site to gain access to video of all the FAIRCON18 sessions.
