Pooya Alai, a Senior Cybersecurity Risk Manager for Maersk, the global shipping giant and integrator of logistics, came to FAIR™ (Factor Analysis of Information Risk) from a background in enterprise risk management (ERM), not IT, and his first reaction was “I can make something much more complicated than this.”
Meet a Member: Pooya Alai, Senior Cybersecurity Risk Manager for Maersk on Unblocking the Decision Process with FAIR
[fa icon="calendar'] Feb 16, 2023 6:30:00 AM / by Jeff B. Copeland posted in Meet a Member
Inherent Risk vs. Residual Risk Explained in 90 Seconds
[fa icon="calendar'] Feb 15, 2023 5:09:00 PM / by Rachel Slabotsky posted in FAIR
I recently had a conversation with clients around a risk analysis they conducted and noticed as they walked me through it that they seemed to get hung up on the terms “inherent risk” and “residual risk” and the inherent risk definition for that particular scenario.
'Risk Appetite' vs. 'Risk Tolerance'. What’s the Difference?
[fa icon="calendar'] Feb 7, 2023 4:49:00 PM / by FAIR Institute Staff posted in FAIR, Risk Management
The terms “risk appetite” and its close cousin “risk tolerance” are often poorly understood, very rarely used to good effect, and commonly used interchangeably.
Take Your FAIR Knowledge to the Next Level, as Recommended by a FAIR Enablement Specialist
[fa icon="calendar'] Feb 7, 2023 9:33:06 AM / by Sofia Bazante posted in FAIR Training
As a FAIR Enablement Specialist, I have the opportunity to speak with members of the FAIR Institute on a regular basis. One common theme I hear is the need to improve their skillset and understand the FAIR™ (Factor Analysis of Information Risk) model better.
Llevá tu conocimiento FAIR al siguiente nivel, según las recomendaciones de tu FAIR Enablement Specialist
[fa icon="calendar'] Feb 7, 2023 9:30:31 AM / by Sofia Bazante posted in FAIR Training
Como FAIR Enablement Specialist, tengo la oportunidad de hablar con miembros del Instituto FAIR de manera frecuente. Un tema común que escucho es la necesidad de mejorar su conjunto de habilidades y comprender mejor el modelo FAIR™ (Factor Analysis of Information Risk).
5 Tips and Insights from FAIR Institute Members in 2022
[fa icon="calendar'] Feb 2, 2023 7:00:00 AM / by Luke Bader posted in Member Content
The FAIR Institute community is a generous group when it comes to sharing techniques for success at risk analysis and risk management program building with FAIR cyber risk quantification – in the FAIR conferences, on the Institute blog, at local chapter meetings and in the new Slack channel for members.
Invitation to Inaugural FAIR Institute Middle East and Africa Summit in Jordan
[fa icon="calendar'] Jan 31, 2023 8:58:00 AM / by Luke Bader posted in Events, FAIR Conference 2023
Join us on Monday, March 20, 2023, at the first-ever FAIR Institute Middle East and Africa Summit in Jordan, to learn and discuss how organizations throughout the Middle East and Africa can leverage the FAIR™ model to build modern and highly effective cyber and operational risk management programs.
Leveraging the Human Element for a Successful FAIR Risk Management Program, Part 1
[fa icon="calendar'] Jan 26, 2023 11:11:19 AM / by Zach Cossairt posted in Member Content
We wear a lot of hats as we’re building and managing risk programs. Here’s a few of them...
Attend a Seminar with FAIR Creator Jack Jones, Take FAIR Training at the 2023 RSA Conference
[fa icon="calendar'] Jan 25, 2023 9:36:12 AM / by Luke Bader posted in Jack Jones, FAIR Training
Again this year, the FAIR Institute has a major presence at the RSA Conference, April 24-27 in San Francisco, with two seminars led by cyber risk quantification authority Jack Jones
Meet a Member – Darren Kane, CSO at Australia’s nbn, on Expanding Your Outlook on Security with FAIR
[fa icon="calendar'] Jan 24, 2023 10:10:39 AM / by Jeff B. Copeland posted in Meet a Member
If you’re a CISO or other security or risk professional looking to grow your opportunities, Darren Kane has a message for you: “The idea of a person accountable for security saying I only look after security, all that other (business) stuff doesn’t truly impact on me, it doesn’t work like that anymore