Why did FAIR™ (Factor Analysis of Information Risk) emerge as the de facto number-one standard model for cyber, technology and operational risk analysis? No other risk model supports defensible quantitative analysis in the financial terms
10 Reasons Why FAIR Is Winning
[fa icon="calendar'] May 17, 2022 3:57:43 PM / by Nicola (Nick) Sanna posted in FAIR
FAIR vs. Proprietary Cyber Risk Analysis Models: What’s the Difference? Jack Jones Explains
[fa icon="calendar'] Mar 9, 2022 10:38:13 AM / by Jeff B. Copeland posted in FAIR
A recent report by an industry research firm stated that, for quantitative cyber risk management, CISOs had to choose among Factor Analysis of Information Risk (FAIR™), proprietary models for risk analysis or a combination of the two.
4 Ways FAIR Cyber Risk Analysis Saves Money
[fa icon="calendar'] Mar 2, 2022 5:13:31 PM / by Jeff B. Copeland posted in FAIR, Risk Management
By quantifying cyber risk in financial terms, Factor Analysis of Information Risk (FAIR™) brings a bottom-line focus to budgeting and spending decisions
3 Risk Identification Questions You Should Be Asking
[fa icon="calendar'] Feb 8, 2022 11:59:00 PM / by David Musselwhite posted in FAIR, Risk Management
Risk managers are always seeking to address the cybersecurity and technology risks that matter most to their organizations. But you can’t analyze and prioritize what you don’t identify.
Watch this ISACA Webinar for an Introduction to FAIR Cyber Risk Quantification by the Two Jacks (Jones and Freund)
[fa icon="calendar'] Jul 8, 2021 8:14:19 AM / by Jeff B. Copeland posted in FAIR
You can’t get a more authoritative introduction to Factor Analysis of Information Risk than this webinar for ISACA by Jack Jones, creator of FAIR™ and Chairman of the FAIR Institute, and his co-author on the FAIR book, Jack Freund
Daniel Kahneman’s Book 'Noise' Sounds the Same Alarms about Muddled Decision-Making as the FAIR Movement
[fa icon="calendar'] Jul 1, 2021 8:15:00 AM / by Jeff B. Copeland posted in FAIR
In a new book, Noise: A Flaw in Human Judgment, Daniel Kahneman and co-authors study professional judgments made in hiring, sentencing, insurance underwriting, medical diagnosis and many more fields
Considering FAIR? Listen to this CISO’s Journey to Quantification
[fa icon="calendar'] Jun 9, 2021 3:17:58 PM / by Jeff B. Copeland posted in FAIR
We often talk about the “FAIR™ journey” up from qualitative, compliance-oriented, or other less disciplined forms of cyber risk management to Factor Analysis of Information Risk.
“What They Didn’t Teach You in FAIR School” – Ground-level Insights on Building a Successful Quantitative Risk Analysis Program from Jack Whitsitt
[fa icon="calendar'] Jun 3, 2021 8:30:00 AM / by Jeff B. Copeland posted in FAIR, Member Content
Jack Whitsitt has been a FAIR practitioner since 2016, built the quantitative risk analysis program at Bank of America and is now doing the same at Datto (the services provider to MSPs)
FAIR Risk Basics: What Is Loss Magnitude?
[fa icon="calendar'] Apr 15, 2021 4:11:25 PM / by Jeff B. Copeland posted in FAIR
Factor Analysis of Information Risk (FAIR™) defines “risk” in a way that’s both simple and useful.
Risk = the probable frequency and probable magnitude of future loss
Download a 4-Point Primer on FAIR to Share with Your Organization
[fa icon="calendar'] Mar 31, 2021 10:29:00 AM / by Luke Bader posted in FAIR
FAIR Evangelists - Here's a short handy, persuasive explainer about the FAIR™ standard for cyber risk quantification that you can download in pdf form, suitable as a leave-behind after meeting with a small group or for circulating throughout your organization.