If you haven’t heard already, we are getting ready to host the third annual FAIR Conference (FAIRCON18) at Carnegie Mellon University in Pittsburgh, Pennsylvania, on October 16 -17, 2018.
Every year, the RSA Conference is a snapshot of the ever-evolving State of the Cybersecurity Profession (and the vendors who market to it), and this year the State is…more risk- and risk-quantification-aware than ever.
The FAIR Institute is excited to announce our first breakfast meeting at the Gartner Security and Risk Management Summit on Tuesday, June 5, 2018 from 7:30 to 10 AM at National Harbor, MD.
After the shocking disruptions caused by WannaCry, the massive and immediate financial losses incurred because of NotPetya, and the sad and continued trend of each new year being "The Year of the Breach," the 50,000 cybersecurity practitioners and vendors gathered for the RSA Conference in San Francisco this week were ready for some good, uplifting post-2017 news.
In a perfect world, a quantitative cyber risk analysis would always leverage data that is both accurate and precise. Heck, every sort of financial analysis, whether personal or organizational, would leverage data and produce results that are both accurate and precise.
“Your organization has data regarding umpteen thousand unpatched vulnerabilities…So what? What decisions need to be made?” FAIR Institute Chairman Jack Jones asked an audience at the RSA Conference this week
As a former auditor, I understand the value a control has for an organization, a process or an application. But, I’ll be honest I used to think a control was one dimensional. It didn’t really matter what the control protected, if the control wasn’t functioning properly or configured exactly to a ‘T’, it was failing.
In September, 2017, the FAIR Institute launched the FAIR University Curriculum with the goal of helping to fill a void in the industry by assisting academia in building information risk management programs and developing the next generation of cyber risk executives.
The FAIR Institute is excited to announce our newest sponsoring partner, third-party risk management provider RiskRecon. RiskRecon’s continuous monitoring solution delivers prioritized action plans that enable precise and efficient elimination of your most critical third-party security risks.
The FAIR Institute is excited to have our Chairman, Jack Jones, represent the Institute at multiple events and sessions at the 2018 RSA Conference in San Francisco later this month. If you’re in town attending the conference, stop by the events below to hear Jack speak on the importance of quantitative analysis--and to say hello.