RSA Conference 2020 included FAIR™ among one of the top ten trends in cybersecurity, based on the 2,400 speaker applications for this year. The RSAC 2020 Trend Report’s #7 trending theme “Frameworks, Frameworks, Frameworks” covered FAIR and the NIST CSF (which this year added FAIR to its recommended resources).
This year, the conference is affording an unprecedented two half-day sessions to FAIR education, led by FAIR model creator and FAIR Institute Chairman Jack Jones. The Monday, February 24, sessions--aimed at cybersecurity, IT and risk professionals new to FAIR and the quantitative approach to cyber risk – will showcase how risk management expectations are evolving, especially with regards to how risk is being measured and communicated. Although heat maps and qualitative scales have been common practice for years, the industry has begun a strong shift toward quantitative methods.
The advantages are well-established — more effective prioritization, an ability to understand the cost-benefit proposition of risk management improvements, and the ability communicate with business executives in terms they understand. There are, however, challenges with quantitative methods that are less well understood — some of which are real, and many of which are not.
The half-day sessions will provide clarity on why the industry is evolving toward cyber risk quantification methods, as well as the challenges and practical solutions for leveraging these methods. The emphasis will be on gaining a pragmatic understanding of the why and the how, best practices and what to avoid in making the move to quantitative.
Register for a Full Conference Pass by January 24 and you’ll enjoy a $150 savings with the code 10UFAIRFD for your membership discount.
For more information on the session, register for RSAC20 today and select that you are interested in attending “A FAIR Approach to Cyber and Technology Risk Measurement” on Monday, 2/24, during your checkout. It will be listed under “Partner Perspectives.”
This session is worth 6 CPE Credits. To obtain a certificate of 6 CPE credits, please send your name, company, contact information, and proof of session attendance to Luke Bader at lbader@fairinstitute.org.
Also at RSAC20: RiskLens Academy will offer a two-day, hands-on training, the FAIR Analysis Fundamentals course.
More about FAIR:
COSO ERM’s Cyber Risk Guidance Recommends FAIR
Gartner Endorses Risk Quantification as Critical to Integrated Risk Management
