Talk about convergent evolution - Michael Rich, Director of IT Security, Infrastructure, and Operations at Motion Picture Industry Pension & Health Plans (MPI) in Studio City, CA, created his own quantitative risk analysis system that’s close to FAIR™ -- with features such as risk decomposition, Monte Carlo simulation and output in loss exceedance curves -- before he learned about FAIR,
Like Jack Jones, creator of FAIR, Michael is a fan of Douglas Hubbard (“perhaps unmatched as a risk guru,” Jack wrote in his book Measuring and Managing Information Risk). Michael created a python version (see it on GitHub) of Hubbard’s risk simulation method from How to Measure Anything in Cybersecurity Risk and presented it at BSides Las Vegas 2018 (watch Michael’s presentation).
Luke Bader is Director, Membership and Programs, for the FAIR Institute
He first got up to speed on FAIR by attending the educational session led by Jack Jones at RSAC 2020 – “I was super-excited to see they were mainstreaming it for the industry as a whole.” Next, he attended the 2021 SIRACon, with many FAIR-inspired speakers, signed up for the membership in the FAIR Institute, and just received a copy of the FAIR book the day we spoke.