FAIR Institute Blog

Listen to the Webinar: 3 Steps to FAIR™ Program Success at Highmark Health

[fa icon="calendar'] Dec 3, 2019 11:03:03 AM / by Luke Bader posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

FAIR™ program manager Jason Martin generously shared the learnings from two years of FAIR implementation at Highmark Health, the major hospital and health plan administrator

Read More [fa icon="long-arrow-right"]

NIST Maps FAIR to the CSF - Big Step Forward in Acceptance of Cyber Risk Quantification

[fa icon="calendar'] Nov 19, 2019 2:36:00 PM / by Jeff B. Copeland posted in FAIR, Risk Management

[fa icon="comment"] 1 Comment

It's official: NIST has formally published FAIR as an Informative Reference to the NIST CSF, the most widely used cybersecurity framework in the U.S,  a major milestone in the history of FAIR. This means that there is mapping between FAIR and the NIST CSF standard in the sections covering risk analysis and risk management.

Read More [fa icon="long-arrow-right"]

Second Thoughts on Secondary Loss in FAIR.  What Are Your Thoughts?

[fa icon="calendar'] Nov 4, 2019 9:43:45 AM / by Osama Salah posted in FAIR

[fa icon="comment"] 3 Comments

United Arab Emirates FAIR Chapter Chair Osama Salah has been puzzling over the most effective way to use Secondary Loss (incurred by shareholders, customers, etc.) in the FAIR Model—join the discussion in the comments section of this post or on the LINK discussion board (membership required).

Read More [fa icon="long-arrow-right"]

All-in-One Matrix: Regulatory Compliance Risk Assessment Overview - Updated with NIST CSF + FAIR

[fa icon="calendar'] Sep 19, 2019 10:45:00 AM / by Steve Reznik posted in FAIR, Risk Management, White Paper

[fa icon="comment"] 1 Comment

Originally published in April, 2019, this summary matrix has now been updated to include the integration of FAIR into the NIST Cybersecurity Framework. NIST has now listed FAIR as an Informative Reference for risk management and risk assessment in the framework. Learn more in this blog post: NIST Maps FAIR to the CSF: Big Step Forward in Acceptance of Cyber Risk Quantification.

Read More [fa icon="long-arrow-right"]

FAIR Institute Briefs Congressional Staff at ‘Cyber Day on the Hill’

[fa icon="calendar'] Sep 10, 2019 10:01:34 AM / by Luke Bader posted in FAIR

[fa icon="comment"] 0 Comments

FAIR Institute President Nick Sanna was among the featured speakers last week at the first annual Cyber Day on the Hill, an event organized to educate Congressional staff members on cutting edge thinking in cybersecurity, both on the national policy level and for protecting their own offices from attack.  

Read More [fa icon="long-arrow-right"]

Three Reasons You Should Get FAIR Certified

[fa icon="calendar'] Sep 6, 2019 11:00:00 AM / by David Musselwhite posted in FAIR, Risk Management

[fa icon="comment"] 1 Comment

Whether you’ve just been introduced to FAIR, recently completed RiskLens’ FAIR training, or learned about FAIR through self-study, pursuing the Open FAIR Certification is a worthwhile goal. As more large companies and regulatory bodies accept FAIR as a leading methodology for quantitatively analyzing risk, the Open FAIR Certification is becoming increasingly valuable. 

Read More [fa icon="long-arrow-right"]

NIST CSF and FAIR Integration at Cimpress Called “Success Story” by NIST

[fa icon="calendar'] Sep 3, 2019 3:16:01 PM / by Jeff B. Copeland posted in FAIR, FAIR Conference 2019

[fa icon="comment"] 0 Comments

Using the FAIR model, forward-thinking CISOs are applying quantitative financial analysis of cyber risk to the recommendations generated by the NIST Cybersecurity Framework. FAIR analysis shows how to prioritize among the recommended best practices in the CSF to maximize investment  

Read More [fa icon="long-arrow-right"]

Participate in the 3rd Annual 2019 Risk Management Maturity Benchmark Survey

[fa icon="calendar'] Aug 26, 2019 10:51:12 AM / by Luke Bader posted in FAIR, FAIR Conference 2019

[fa icon="comment"] 0 Comments

The FAIR Institute, in partnership with RiskLensRSARiskRecon, CyberVista, and Protiviti, is launching the 2019 Risk Management Maturity Survey, an opportunity for cyber and information risk professionals to rate their risk management practices and benchmark their organizations against their peers. 

Read More [fa icon="long-arrow-right"]

Aggregating Expert Opinion: Simple Averaging Method in Excel

[fa icon="calendar'] Aug 15, 2019 10:53:37 AM / by Tony Martin-Vegue posted in FAIR

[fa icon="comment"] 0 Comments

"Expert judgment has always played a large role in science and engineering. Increasingly, expert judgment is recognized as just another type of scientific data …" -Goossens et al., “Application and Evaluation of an Expert Judgment Elicitation Procedure for Correlations

Read More [fa icon="long-arrow-right"]

[Video] 4 Tips for Starting Your FAIR Program from Musso Shaikh of Fannie Mae

[fa icon="calendar'] Aug 7, 2019 10:44:22 AM / by Jeff B. Copeland posted in FAIR, Events

[fa icon="comment"] 0 Comments

Attendees at the FAIR Institute Breakfast during the recent Gartner Summit on Security and Risk Management heard tales of three successful FAIR cyber risk quantification programs from Matthew Martin of LPL Financial, Robert Immella of Key Bank and, lastly, Musso Shaikh, Program Manager, Cyber Threat Intelligence, at Fannie Mae, the big provider of mortgage financing.

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts