The FAIR Institute’s newest local chapter is coming to life in Florida. Based in Tampa, the Sunshine State Chapter is co-led by Daniel Holland, Deputy CISO at Tampa General Hospital, and Lisa Wagner Begando, GRC Director at Health Catalyst.
The chapter’s first meeting takes place February 19, with both in-person and virtual attendance options available.
In a recent Meet a Member interview with Membership Director Luke Bader, the two shared why FAIR has become foundational to their work—and what members can expect from the new chapter.
Watch the Meet a Member interview video.
The co-chairs described coming to FAIR from very different professional paths—and arriving at the same conclusion: traditional risk reporting wasn’t working.
For Lisa, whose background is in data analytics and data science, the turning point came when she was asked to build a cyber risk dashboard.
“I couldn’t figure out a way to take a control gap or control maturity… and create a dashboard that had some sort of actionable response to it,” she said. “And I found FAIR doing my own research—and it just clicked.”
Dan echoed that experience from a different angle. After serving in the Coast Guard, he entered cybersecurity and saw leaders struggling to justify decisions and budgets.
“They weren’t translating the technical knowledge that they had into terms that the business understood,” Dan explained. “FAIR is the only model that really gives us a defensible approach that can stand up to scrutiny from nontechnical users.”
For both leaders, FAIR replaces vague red-yellow-green scoring with decision-grade insight grounded in financial impact.
A central theme from Lisa and Dan was communication—especially at the executive and board level. Dan emphasized that CISOs are advisors, not risk owners, and that numbers change the tone of the conversation.
“We have to drop the acronyms and tell a story,” he said. “Telling a story with numbers gives us facts, not feelings.”
Lisa added that effective communication isn’t about presenting a single number—it’s about transparency.
“You should come in with ranges: best case, worst case, and be completely transparent with every assumption,” she said. “That’s what drives the conversation—and without that, you’re not going to walk out with a decision.”
Together, they framed FAIR as a way to elevate cyber risk discussions into clear business choices, not technical debates.
Looking ahead, the Sunshine State Chapter aims to meet practitioners where they are. Dan highlighted topics like third-party risk and AI adoption, where traditional questionnaires are breaking down.
“People know they aren’t getting anywhere speaking in ordinal values,” he said. “The big question is: how do I get started with the data I already have?”
Lisa shared an additional ambition: expanding FAIR beyond cyber.
“The rigor of FAIR bleeds out to all enterprise risk categories,” she said. “The board wants it—and now the goal is to get every area reporting risk the same way.”
With hybrid meetings, practitioner-led discussions, and a focus on real-world application, the Sunshine State Chapter is positioned to become a strong hub for FAIR learning and leadership.
Watch the Meet a Member interview video.
Register for the February 19 meeting