FAIR Institute Blog

ISACA Journal Case Study: ‘Building a Rock-Solid ERM Culture on FAIR™’

[fa icon="calendar'] May 14, 2020 6:31:00 AM / by Jeff B. Copeland posted in Case Studies, Meet a Member

[fa icon="comment"] 0 Comments

The latest issue of the ISACA Journal (available here to registered members) presents a detailed case study on the long-running FAIR™ program at Rock Holdings, Inc. (parent company of Quicken Loans and Rocket Loans)

Read More [fa icon="long-arrow-right"]

Amazon S3 Bucket Data Breaches – a FAIR™ Risk Analysis

[fa icon="calendar'] Apr 13, 2020 11:48:00 AM / by Rebecca Merritt posted in FAIR, Risk Management, Case Studies

[fa icon="comment"] 1 Comment

With the ongoing big move to cloud storage to support working from home, it seems inevitable that we’re going to see more data breaches on Amazon S3 “buckets”,  an evergreen cybersecurity problem. It happened again a week ago

Read More [fa icon="long-arrow-right"]

FAIR™ Analysis Case Study Webinar: Decrease Risk from Employees Working at Home

[fa icon="calendar'] Apr 9, 2020 8:29:56 AM / by Jeff B. Copeland posted in FAIR, Case Studies

[fa icon="comment"] 1 Comment

Here’s a timely topic, with an army of office workers moved over to working at home due to the pandemic. In this short webinar (watch it below), Risk Consultant Christina Dulovich walks you through a FAIR™ analysis

Read More [fa icon="long-arrow-right"]

Video: How Ascena Retail Transferred Millions in Risk to 3rd Party Vendors, and More Wins from Its FAIR™ Program

[fa icon="calendar'] Mar 11, 2020 8:26:00 AM / by Jeff B. Copeland posted in FAIR, Case Studies

[fa icon="comment"] 0 Comments

In this short talk at the FAIR Institute Breakfast during the 2020 RSA Conference, Ascena Retail CISO Mark Tomallo transferred a lot of knowledge about starting and winning with a FAIR™ program

Read More [fa icon="long-arrow-right"]

[Video] Overcoming 3 Challenges in Your FAIR Risk Analysis Program: Robert Immella, KeyBank

[fa icon="calendar'] Jul 2, 2019 1:22:14 PM / by Jeff B. Copeland posted in FAIR, Case Studies, Meet a Member

[fa icon="comment"] 2 Comments

At the FAIR Institute Breakfast during the recent Gartner Security and Risk Management Summit, Robert Immella FAIR cyber risk analyst for KeyBank, gave a talk filled with actionable tips

Read More [fa icon="long-arrow-right"]

Evaluating Data Retention Risk from GDPR Using FAIR

[fa icon="calendar'] Jul 1, 2019 8:45:00 AM / by Rachel Slabotsky posted in FAIR, Risk Management, Case Studies

[fa icon="comment"] 0 Comments

Despite the increased focus and attention on data privacy triggered by GDPR that went into effect in May 2018, studies have shown that organizations still have some strides to make in order to be fully in compliance with the mandate. In fact, a recent survey by Varonis reported that many organizations continue to accumulate data that no longer needs to be retained, despite GDPR’s right-to-be forgotten clause.

Read More [fa icon="long-arrow-right"]

FAIR Breakfast Case Study: LPL Financial Realigns Risk Management around FAIR (Video)

[fa icon="calendar'] Jun 25, 2019 8:45:00 AM / by Jeff B. Copeland posted in FAIR, Case Studies

[fa icon="comment"] 0 Comments

At the FAIR Institute Breakfast meeting that ran parallel to the recent Gartner Security and Risk Management Summit, Matthew R. Martin, Senior Vice President Information Security and Technology, LPL Financial, gave a candid assessment of the challenges and opportunities in introducing FAIR to his organization.

Read More [fa icon="long-arrow-right"]

Case Study: NIST Digital Identity Guidelines and FAIR “Made for Each Other”

[fa icon="calendar'] Sep 29, 2017 5:15:42 PM / by Jeff B. Copeland posted in FAIR, Case Studies

[fa icon="comment"] 0 Comments

The new NIST 800-63-3 Digital Identity Guidelines and FAIR were “made for each other”, writes Chip Block, VP at Evolver, Inc., (the operator of large-scale security operations centers for government and business) in an article just published on The Security Ledger website  -- the guidelines establish levels of security based on risk, and FAIR sets monetary values for the risk, enabling organizations to prioritize spending.

Read More [fa icon="long-arrow-right"]

Pro Tip for FAIR Risk Scenario Analysis: Map It

[fa icon="calendar'] Apr 10, 2017 10:41:26 AM / by Cody Whelan posted in FAIR, Case Studies

[fa icon="comment"] 2 Comments

I just wrapped an engagement helping a really great customer identify their top ten risks. Talk about commitment: They organized a book club where members of Information Security,  Privacy and Audit were actively studying the FAIR book, Measuring and Managing Information Risk.

At the last club meeting, somebody said “I love the FAIR model and risk quantification. But how do I apply this to the risks that face me and my department?”

Read More [fa icon="long-arrow-right"]

Video Now Available: Measuring DDoS Risk Using FAIR

[fa icon="calendar'] Nov 17, 2016 4:00:00 PM / by James Finn posted in FAIR, Risk Management, Events, Case Studies

[fa icon="comment"] 0 Comments

When Tony Martin-Vegue, Cyber Risk Manager at National Mortgage Insurance, presented this case study on measuring Distributed Denial of Service (DDoS) risk at FAIR Conference 2016, the world was only a week away from one of the largest DDoS attacks in history to-date.

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts