Practitioner’s FAIRCON24 Guide: Master AI, 3rd-party Risk, FAIR Automation
Whether you are gearing up to use FAIR™ cyber risk quantification for the first time or already a card-carrying, practicing FAIR analyst, the 2024 FAIR Conference (FAIRCON24) is rich in hands-on opportunities to gain skills or sharpen them in workshops, panel discussions, and lunch-table conversations. You’ll learn how to master third-party risk, AI risk, controls analytics, FAIR automation – and how to turn your role into a trusted advisor to your business decision-makers.
Register Now for the 2024 FAIR Conference and Trainings!
Fairmont Hotel, Washington, DC
Training September 29-30
Conference October 1-2
Here’s a look at what’s in store on the FAIRCON24 Practitioner Track (see the FAIRCON24 agenda for more).
Training Days
Sunday and Monday, September 29-30
FAIR Analysis Fundamentals, Day 1 and 2
Before the regular conference sessions, learn FAIR in the Institute’s official education program for beginners. The syllabus for the two days includes
- Intro to risk analysis
- Basic risk concepts
- FAIR terminology
- Understanding the FAIR Model
- Quantitative measurement
- Applying FAIR: Group Case Study Work
More Training for Practitioners on Day 2
If you’re already familiar with FAIR, consider our advancing your skills with training sessions focused on
- Estimating loss magnitude with FAIR-MAM
- Analyzing controls effectiveness with FAIR-CAM (FAIR creator Jack Jones teaching)
- Getting on top of third-party risk management with FAIR-TAM
- Socializing FAIR in your organization –risk psychology expert Gavriel Schneider
Conference Sessions for Practitioners
Empowering Business Decisions through CRQ: Insights from the Practitioner's Perspective
Tuesday, 11:45 AM
An A-team of FAIR practitioners will present actionable tips based on their first-hand experiences, spotlighting how the data-driven approach shapes critical business strategies and yields measurable success. Participants from Capital One, Roblox, Cigna and more.
More than Cheese - FAIR Third Party Analytics Model, Secret for a Perfect Pizza
Tuesday, 2:45 PM
What does pizza delivery have to teach us about third party cyber risk management (TPRM)? Plenty, as we will learn in this use case for FAIR-TAM analysis of supply chain risk – whether delivering software updates or a 12-inch pepperoni. Dive deeper into the topic in the following sessions…
Embracing a True Risk-Based Approach to TPRM
Tuesday, 4:00 PM
Meena Martin, VP, Cyber Risk and Assurance, discusses the TPRM risk management program powered by FAIR at the pharma giant GSK. Facilitator: Pankaj Goyal, Director, Research and Standards, FAIR Institute.
Keep Quantifying (or Else)
Tuesday, 4:50 PM
Pierre Olodo, Senior Lead Cyber Risk, for luxury brands purveyor Richemont International, will show us how to prepare for success as the popularity of FAIR analysis spreads in your organization and demands on the FAIR risk team balloon – with tips and tricks such as stockpiling “buckets” of risk scenarios.
Effectively Managing Cloud Security Cyber Risk
Wednesday 10:00 AM
We’ll explore the data and scenarios that the best FAIR analysts apply to cloud security, as practiced by Aatish Tiwari, Director, Architecture & Cloud, J.Crew, and more experts.
Navigating the Complexities of Assessing and Managing AI Risk
Wednesday, 11:15 AM
The FAIR Institute’s AI Workgroup, with members from Databricks, Manpower Group and Safe Security, reports on their work to bring the discipline of quantitative risk analysis to this fast-moving field, including defining the new types of risk scenarios that AI raises.
Fireside Chat with Jack Jones, Author of FAIR™ and FAIR-CAM™
Wednesday, 1:00 PM
Todd Tucker, Managing Director, FAIR Institute, interviews Jack Jones, Chairman Emeritus of the Institute in a don’t-miss session on where the FAIR movement is headed.
Building an Enterprise Risk Ownership Model that Actually Works: Quant Risk Ownership and Acceptability
Wednesday, 1:45 PM
Our industry has not figured out an effective way to practice risk ownership. Worse, the existing tools and practices recommended to us by leading frameworks range from misguided to detrimental. Join this session to learn a better way to accountable decision-making.
-Or-
ATT&CKing Cyber Risk Quantification
Wednesday, 1:45 PM
In most organizations, the threat intel and risk quantification programs rarely collaborate. Wader Baker, Partner, Cyentia Institute, presents a way to bridge that gap using loss-event data for FAIR analysis and the attacker techniques documented by the MITRE ATT&CK framework.
Risk at the Speed of Business: Delivering Risk Management as a Service
Wednesday, 3:00 PM
Zach Cossairt, Integrated Risk Program Senior Manager, Governance Risk & Compliance, shows how the FAIR risk team at Equinix successfully operationalized their work to fulfill the theme of our conference
Getting Started with FAIR™
Wednesday, 3:45 PM
Two of the best teachers in the FAIR movement, Rob Moore, VP, Technology Risk Management, Mastercard and Tony Martin-Vegue, Technology Risk Management, Netflix, will show you how to take your first steps on data gathering, finding and framing risk scenarios to analyze and more FAIR Program 101 topics.
Register Now for the 2024 FAIR Conference and Trainings!