FAIR Institute Blog

How to Use DREAD Analysis with FAIR

[fa icon="calendar'] May 18, 2018 8:45:01 AM / by Taylor Chester posted in FAIR

[fa icon="comment"] 0 Comments

Let’s talk DREAD (the mnemonic threat assessment framework, not the overwhelming feeling of despair associated with your reoccurring 4:30 p.m. Friday meeting). So, what is DREAD?

Read More [fa icon="long-arrow-right"]

Should Boards Establish a Separate Risk Committee?

[fa icon="calendar'] May 17, 2018 10:22:17 AM / by Nicola (Nick) Sanna posted in Risk Management

[fa icon="comment"] 0 Comments

In traditional board of directors committee structure, each of the board’s five main functions (strategy, executive selection and compensation, governance, audit, risk and compliance) is assigned to a different committee, except one: risk, long handled by the audit committee.

Read More [fa icon="long-arrow-right"]

[Webinar on Demand] Crowdsourced Probability Estimates for Cyber Risk Analysis

[fa icon="calendar'] May 17, 2018 10:02:13 AM / by Jeff B. Copeland posted in FAIR

[fa icon="comment"] 0 Comments

FAIR expert, Director of Technology Risk at Lending Club, and chair of the San Francisco Bay Area Chapter of the FAIR Institute, Tony Martin-Vegue is always at the cutting edge of thinking on cyber risk analysis.

Read More [fa icon="long-arrow-right"]

[Video] FAIR Breakfast at RSAC: Jack Jones on “The Blueprint” for FAIR Program Success

[fa icon="calendar'] May 11, 2018 11:22:00 AM / by Jeff B. Copeland posted in FAIR, Risk Management, Events

[fa icon="comment"] 0 Comments

“To adopt FAIR simply means your organization is using it to make decisions,” FAIR Institute Chairman Jack Jones told the FAIR Institute Breakfast at the recent RSA Conference
Read More [fa icon="long-arrow-right"]

RSA CTO: “People Are Beginning to Think about Security in Risk Terms”

[fa icon="calendar'] May 9, 2018 9:27:46 AM / by Nicola (Nick) Sanna posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

In a video interview just out on eWeek, titled “RSA Taking a FAIR Approach to Defining Cyber-Risk”, RSA Chief Technology Officer Zulfikar Ramzan discusses what he calls the “exciting” new direction for RSA Archer: “cyber risk economics and cyber risk quantification.

Read More [fa icon="long-arrow-right"]

FAIR Institute’s New Cyber Risk Analyst Job Board on Link

[fa icon="calendar'] May 8, 2018 8:30:00 AM / by Luke Bader posted in FAIR, FAIR University

[fa icon="comment"] 0 Comments

With more and more companies building their cyber risk management programs on FAIR, hiring a certified FAIR analyst can get competitive. The FAIR Institute is excited to launch the our Job Board to connect employers with Institute members who are FAIR-certified analysts looking for their next career move.

Read More [fa icon="long-arrow-right"]

A Question of CISO Focus: Technology or Business?

[fa icon="calendar'] May 7, 2018 1:08:14 PM / by Jack Jones posted in Risk Management

[fa icon="comment"] 0 Comments

A few days ago I had the privilege of providing the opening keynote address at an IANS event in Dallas.  If you’re not familiar with IANS (Institute for Applied Network Security), I encourage you to look into it as I believe it serves a very useful purpose and is working hard to be forward-looking.  Regardless, one of the questions that was discussed at this event was how much of a CISO’s focus should be on business versus technology. 

Read More [fa icon="long-arrow-right"]

Cyber Risk Is New but FAIR Analysis Applies Time-tested Techniques

[fa icon="calendar'] May 4, 2018 8:00:00 AM / by David Musselwhite posted in FAIR

[fa icon="comment"] 0 Comments

“Everyone dislikes novelty, and experts tend to be over-critical of proposals in their own domain.” This is the plainly-stated conclusion of a fascinating blind study wherein expert medical researchers were asked to evaluate new research proposals, some in other medical specialties and some in the areas in which they were experts. “New ideas got worse scores from everyone, but they were particularly punished by experts.” 

Read More [fa icon="long-arrow-right"]

KRIs for Cybersecurity: Canaries in Coal Mines

[fa icon="calendar'] May 1, 2018 8:30:00 AM / by Jack Freund posted in FAIR, Risk Management

[fa icon="comment"] 2 Comments

For a long time, humans have used various organisms to help them detect dangerous environmental conditions. Animals used for this purpose are called ‘Sentinel Species’ by scientists -- the best example is the use of caged canaries to detect dangerous levels of carbon monoxide in coal mines.

Read More [fa icon="long-arrow-right"]

FAIRCON18 Early Bird Pricing Ends May 18 - Don't Miss Out

[fa icon="calendar'] Apr 30, 2018 9:00:00 AM / by Luke Bader posted in FAIR Conference 2018

[fa icon="comment"] 0 Comments

If you haven’t heard already, we are getting ready to host the third annual FAIR Conference (FAIRCON18) at Carnegie Mellon University in Pittsburgh, Pennsylvania, on October 16 -17, 2018.

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts