Marc Krevinghaus, Managing Director of consultancy MAKINSIGHTS, splits his time between Lima, Peru, and Detroit, US, because, he laughs, he likes the food in both places and doesn’t like the winter in either.
Marc started his own firm after high-level security and risk roles at Kaiser Permanente, Virgin Mobile USA, Zurich North America, and others, and came to FAIR™, like so many FAIR Institute members, after realizing that “controls assessments stoplight charts were adequate to a point but once we had an organization that was mature enough to be taking more advanced and sophisticated decisions, those traditional tools just weren’t enough.”
Luke Bader is Director, Memberships and Programs, for the FAIR Institute.
In our conversation, Marc touched on some ground-level insights on introducing FAIR and risk quantification to clients.
- Why he enjoys risk triage exercises.
- How to find the right pace to introduce FAIR to an organization.
- How a push from regulators could move more CISOs to the quantification camp.
Looking at the challenges ahead for FAIR practitioners, Marc says it’s still a balancing act: “In an environment where we can show business benefit, how it comes back to dollars or pesos, we need to be having those conversations without losing the reality that we also have which is operational security.”
Marc and other FAIR-certified consultants from MAKINSIGHTS will be participating in the ISACA conference in Latin America on September 16 & 17 and will share their views on how FAIR workshops can be used to influence investment strategies/roadmaps and drive better communication with business partners.
Watch our conversation now: