FAIR Institute Chairman and FAIR model creator Jack Jones started his keynote for the 2019 FAIR Conference at National Harbor, MD, with a question: “What’s the cost of a $5 million risk management program?” all in with salaries, services, technology, etc. Much more than you think, Jack pointed out.
SC Media has awarded FAIR Institute Chairman Jack Jones with the SC Media Reboot Leadership Award in the Non-Profit Founders category. Jack is the creator of Factor Analysis of Information Risk, the FAIR model for risk quantification that is indeed rebooting risk management
Originally published in April, 2019, this summary matrix has now been updated to include the integration of FAIR into the NIST Cybersecurity Framework. NIST has now listed FAIR as an Informative Reference for risk management and risk assessment in the framework. Learn more in this blog post: NIST Maps FAIR to the CSF: Big Step Forward in Acceptance of Cyber Risk Quantification.
In a new survey for Microsoft and insurance broker Marsh, only 17% of the senior executives surveyed said they spent more than a few days cumulatively over the past year on cyber risk. More than half, 51%, spent several hours or less. Yet 80% of organizations ranked cyber risk as a top-five concern.
We’re looking forward to seeing you – and the rest of the worldwide FAIR community of innovative thinkers and doers in the fields of cyber, technology and operational risk – Tuesday and Wednesday of next week, September 24 -25, at the 2019 FAIR Conference
In an important article for ISSA Journal, Jack Freund, PhD, co-author of the FAIR book, Measuring and Managing Information Risk, introduces the concept of a Cyber Risk Intelligence Framework that combines four standard frameworks, including FAIR
Today marks a milestone in FAIR history as NIST has formally published FAIR as an Informative Reference to the NIST CSF, the most widely used cybersecurity framework in the U.S. This means that there is mapping between FAIR and the NIST CSF standard in the sections covering risk analysis and risk management.
We are very pleased to announce that Douglas W. Hubbard, whose original thinking on measuring risk has been a building block of Factor Analysis of Information Risk (FAIR), will speak at the 2019 FAIR Conference, September 24-25. Doug’s topic “How to Measure Risk with Limited and Messy Data: Overcoming the Myths”
FAIR Institute President Nick Sanna was among the featured speakers last week at the first annual Cyber Day on the Hill, an event organized to educate Congressional staff members on cutting edge thinking in cybersecurity, both on the national policy level and for protecting their own offices from attack.
Whether you’ve just been introduced to FAIR, recently completed RiskLens’ FAIR training, or learned about FAIR through self-study, pursuing the Open FAIR Certification is a worthwhile goal. As more large companies and regulatory bodies accept FAIR as a leading methodology for quantitatively analyzing risk, the Open FAIR Certification is becoming increasingly valuable.