The FAIR Institute awarded Neil Davis, Head of Cyber Risk Management for Maersk, with its FAIR Champion Award for his work introducing Factor Analysis of Information Risk™ to the giant shipping company under crisis conditions.
In 2017, Maersk was among the many international companies hit as collateral damage by the NotPetya malware aimed allegedly by Russian actors at Ukrainian businesses. Neil had just started at Maersk when, as he told the FAIR Conference in a video award-acceptance speech, the company was rendered “dead in the water,” with ships around the world cut off from the systems that tell them where to go and what to deliver.
Neil had recently been experimenting with FAIR-style Monte Carlo probability estimation but in the rush to respond to the crisis, his team prioritized with an old-fashioned qualitative heat map.
But over time, that left them with “a glut of medium risks. We weren’t helping the business…It was the right time to look at FAIR again.”
Watch the video of Neil’s speech to the 2022 FAIR Conference to learn more about how Maersk applied FAIR (with the RiskLens platform) to risk prioritization.