Jack Jones, FAIR Institute Chairman and creator of the FAIR model, gave a wide-ranging keynote speech for the 2018 FAIR Conference on “The Next Frontier in Risk Management”, that was both a candid look at the challenges faced by the risk profession and a call to action to move up to true risk management maturity.
The last several months has seen a frightening jump in the fines and judgments against companies over cyber breaches. Uber settled on a $148M fine for their handling of their 2016 breach, Yahoo was hit with an SEC fine of $35M for their disclosure of the breach of their email accounts
Dark Reading is just out with 7 Steps to Start Your Risk Assessment, a handy guide to FAIR concepts that draws on the advice of three FAIR experts
In a press release today, the FAIR Institute announced agenda details for the upcoming 2018 FAIR Conference (FAIRCON18), October 16-17, at Carnegie Mellon University in Pittsburgh – and pledged to make the event "movement central" for cyber risk economics
Far too many organizations approach their risk management operations using phrases such as “That risk feels high to me...” Since the end result of a risk assessment involves the assignment of a verbal risk label, those not practiced in quantitative risk management focus on the output and not the input--to their detriment.
FAIR Institute Chairman Jack Jones will speak on how to apply the FAIR risk quantification model with the NIST Cybersecurity Framework for better executive decision-making at the 2018 NIST Cybersecurity Risk Management Conference
The FAIR Institute welcomes Dr. Zulfikar Ramzan, CTO of RSA Security, to the Board of the Institute. If you’ve heard Zully speak at an RSA event (or seen his Chalk Talk videos), you know him as a big-picture thinker on cybersecurity based on unusually broad career experience
(To the tune of Ice Ice Baby)
Alright, stop! Collaborate, and listen. FAIR is back to give advice you been missin’
If Risk has grabbed ahold of you tightly, run an analysis, quantify it rightly.
It’s an annual event – the enterprise risk management team or the CFO reaches out to the CISO or CIO when it’s time to renew cyber insurance coverage. They ask for the same information as last year:
It’s a powerful concept in innovation laid out in the Jobs to Be Done theory: Know what your user hopes to accomplish and provide the solution to that specific need. In planning the 2018 FAIR Conference (October 16-17, Carnegie Mellon University, Pittsburgh), the FAIR Institute built the conference agenda with an eye on the jobs that conference attendees (and their organizations) need to get done.
