Pooya Alai, a Senior Cybersecurity Risk Manager for Maersk, the global shipping giant and integrator of logistics, came to FAIR™ (Factor Analysis of Information Risk) from a background in enterprise risk management (ERM), not IT, and his first reaction was “I can make something much more complicated than this.”
I recently had a conversation with clients around a risk analysis they conducted and noticed as they walked me through it that they seemed to get hung up on the terms “inherent risk” and “residual risk” and the inherent risk definition for that particular scenario.
The terms “risk appetite” and its close cousin “risk tolerance” are often poorly understood, very rarely used to good effect, and commonly used interchangeably.
As a FAIR Enablement Specialist, I have the opportunity to speak with members of the FAIR Institute on a regular basis. One common theme I hear is the need to improve their skillset and understand the FAIR™ (Factor Analysis of Information Risk) model better.
Como FAIR Enablement Specialist, tengo la oportunidad de hablar con miembros del Instituto FAIR de manera frecuente. Un tema común que escucho es la necesidad de mejorar su conjunto de habilidades y comprender mejor el modelo FAIR™ (Factor Analysis of Information Risk).
The FAIR Institute community is a generous group when it comes to sharing techniques for success at risk analysis and risk management program building with FAIR cyber risk quantification – in the FAIR conferences, on the Institute blog, at local chapter meetings and in the new Slack channel for members.
Join us on Monday, March 20, 2023, at the first-ever FAIR Institute Middle East and Africa Summit in Jordan, to learn and discuss how organizations throughout the Middle East and Africa can leverage the FAIR™ model to build modern and highly effective cyber and operational risk management programs.
We wear a lot of hats as we’re building and managing risk programs. Here’s a few of them...
Again this year, the FAIR Institute has a major presence at the RSA Conference, April 24-27 in San Francisco, with two seminars led by cyber risk quantification authority Jack Jones
Meet a Member – Darren Kane, CSO at Australia’s nbn, on Expanding Your Outlook on Security with FAIR
If you’re a CISO or other security or risk professional looking to grow your opportunities, Darren Kane has a message for you: “The idea of a person accountable for security saying I only look after security, all that other (business) stuff doesn’t truly impact on me, it doesn’t work like that anymore
