At the recent FAIR Institute London Summit, Pooya Alai and Rebekka Kurland of the cybersecurity risk team at Maersk, the global shipping and logistics giant, presented a FAIR case study with a message about communicating to stakeholders
FAIR Institute London Summit: Maersk Case Study on FAIR Analysis for M&A Risk - “Sometimes Talking Dollars Is Not Enough”
[fa icon="calendar'] Jun 8, 2023 7:30:00 AM / by Jeff B. Copeland posted in Case Studies, FAIR Conference 2023
ISACA Journal Case Study: ‘Building a Rock-Solid ERM Culture on FAIR™’
[fa icon="calendar'] May 14, 2020 6:31:00 AM / by Jeff B. Copeland posted in Case Studies, Meet a Member
The latest issue of the ISACA Journal (available here to registered members) presents a detailed case study on the long-running FAIR™ program at Rock Holdings, Inc. (parent company of Quicken Loans and Rocket Loans)
Amazon S3 Bucket Data Breaches – a FAIR™ Risk Analysis
[fa icon="calendar'] Apr 13, 2020 11:48:00 AM / by Rebecca Merritt posted in FAIR, Risk Management, Case Studies
With the ongoing big move to cloud storage to support working from home, it seems inevitable that we’re going to see more data breaches on Amazon S3 “buckets”, an evergreen cybersecurity problem. It happened again a week ago
FAIR™ Analysis Case Study Webinar: Decrease Risk from Employees Working at Home
[fa icon="calendar'] Apr 9, 2020 8:29:56 AM / by Jeff B. Copeland posted in FAIR, Case Studies
Here’s a timely topic, with an army of office workers moved over to working at home due to the pandemic. In this short webinar (watch it below), Risk Consultant Christina Dulovich walks you through a FAIR™ analysis
Video: How Ascena Retail Transferred Millions in Risk to 3rd Party Vendors, and More Wins from Its FAIR™ Program
[fa icon="calendar'] Mar 11, 2020 8:26:00 AM / by Jeff B. Copeland posted in FAIR, Case Studies
In this short talk at the FAIR Institute Breakfast during the 2020 RSA Conference, Ascena Retail CISO Mark Tomallo transferred a lot of knowledge about starting and winning with a FAIR™ program
[Video] Overcoming 3 Challenges in Your FAIR Risk Analysis Program: Robert Immella, KeyBank
[fa icon="calendar'] Jul 2, 2019 1:22:14 PM / by Jeff B. Copeland posted in FAIR, Case Studies, Meet a Member
At the FAIR Institute Breakfast during the recent Gartner Security and Risk Management Summit, Robert Immella FAIR cyber risk analyst for KeyBank, gave a talk filled with actionable tips
Evaluating Data Retention Risk from GDPR Using FAIR
[fa icon="calendar'] Jul 1, 2019 8:45:00 AM / by Rachel Slabotsky posted in FAIR, Risk Management, Case Studies
Despite the increased focus and attention on data privacy triggered by GDPR that went into effect in May 2018, studies have shown that organizations still have some strides to make in order to be fully in compliance with the mandate. In fact, a recent survey by Varonis reported that many organizations continue to accumulate data that no longer needs to be retained, despite GDPR’s right-to-be forgotten clause.
FAIR Breakfast Case Study: LPL Financial Realigns Risk Management around FAIR (Video)
[fa icon="calendar'] Jun 25, 2019 8:45:00 AM / by Jeff B. Copeland posted in FAIR, Case Studies
At the FAIR Institute Breakfast meeting that ran parallel to the recent Gartner Security and Risk Management Summit, Matthew R. Martin, Senior Vice President Information Security and Technology, LPL Financial, gave a candid assessment of the challenges and opportunities in introducing FAIR to his organization.
Case Study: NIST Digital Identity Guidelines and FAIR “Made for Each Other”
[fa icon="calendar'] Sep 29, 2017 5:15:42 PM / by Jeff B. Copeland posted in FAIR, Case Studies
The new NIST 800-63-3 Digital Identity Guidelines and FAIR were “made for each other”, writes Chip Block, VP at Evolver, Inc., (the operator of large-scale security operations centers for government and business) in an article just published on The Security Ledger website -- the guidelines establish levels of security based on risk, and FAIR sets monetary values for the risk, enabling organizations to prioritize spending.
Pro Tip for FAIR Risk Scenario Analysis: Map It
[fa icon="calendar'] Apr 10, 2017 10:41:26 AM / by Cody Whelan posted in FAIR, Case Studies
I just wrapped an engagement helping a really great customer identify their top ten risks. Talk about commitment: They organized a book club where members of Information Security, Privacy and Audit were actively studying the FAIR book, Measuring and Managing Information Risk.
At the last club meeting, somebody said “I love the FAIR model and risk quantification. But how do I apply this to the risks that face me and my department?”