FAIR Institute Blog

All-in-One Matrix: Regulatory Compliance Risk Assessment Overview - Updated with NIST CSF + FAIR

[fa icon="calendar'] Sep 19, 2019 10:45:00 AM / by Steve Reznik posted in FAIR, Risk Management, White Paper

[fa icon="comment"] 0 Comments

Originally published in April, 2019, this summary matrix has now been updated to include the integration of FAIR into the NIST Cybersecurity Framework. NIST has now listed FAIR as an Informative Reference for risk management and risk assessment in the framework. Learn more in this blog post: NIST Maps FAIR to the CSF: Big Step Forward in Acceptance of Cyber Risk Quantification.

Read More [fa icon="long-arrow-right"]

NIST Maps FAIR to the CSF - Big Step Forward in Acceptance of Cyber Risk Quantification

[fa icon="calendar'] Sep 13, 2019 9:01:00 AM / by Jeff B. Copeland posted in FAIR, Risk Management

[fa icon="comment"] 1 Comment

Today marks a milestone in FAIR history as NIST has formally published FAIR as an Informative Reference to the NIST CSF, the most widely used cybersecurity framework in the U.S. This means that there is mapping between FAIR and the NIST CSF standard in the sections covering risk analysis and risk management.

Read More [fa icon="long-arrow-right"]

FAIR Institute Briefs Congressional Staff at ‘Cyber Day on the Hill’

[fa icon="calendar'] Sep 10, 2019 10:01:34 AM / by Luke Bader posted in FAIR

[fa icon="comment"] 0 Comments

FAIR Institute President Nick Sanna was among the featured speakers last week at the first annual Cyber Day on the Hill, an event organized to educate Congressional staff members on cutting edge thinking in cybersecurity, both on the national policy level and for protecting their own offices from attack.  

Read More [fa icon="long-arrow-right"]

Three Reasons You Should Get FAIR Certified

[fa icon="calendar'] Sep 6, 2019 11:00:00 AM / by David Musselwhite posted in FAIR, Risk Management

[fa icon="comment"] 1 Comment

Whether you’ve just been introduced to FAIR, recently completed RiskLens’ FAIR training, or learned about FAIR through self-study, pursuing the Open FAIR Certification is a worthwhile goal. As more large companies and regulatory bodies accept FAIR as a leading methodology for quantitatively analyzing risk, the Open FAIR Certification is becoming increasingly valuable. 

Read More [fa icon="long-arrow-right"]

NIST CSF and FAIR Integration at Cimpress Called “Success Story” by NIST

[fa icon="calendar'] Sep 3, 2019 3:16:01 PM / by Jeff B. Copeland posted in FAIR, FAIR Conference 2019

[fa icon="comment"] 0 Comments

Using the FAIR model, forward-thinking CISOs are applying quantitative financial analysis of cyber risk to the recommendations generated by the NIST Cybersecurity Framework. FAIR analysis shows how to prioritize among the recommended best practices in the CSF to maximize investment  

Read More [fa icon="long-arrow-right"]

Participate in the 3rd Annual 2019 Risk Management Maturity Benchmark Survey

[fa icon="calendar'] Aug 26, 2019 10:51:12 AM / by Luke Bader posted in FAIR, FAIR Conference 2019

[fa icon="comment"] 0 Comments

The FAIR Institute, in partnership with RiskLensRSARiskRecon, CyberVista, and Protiviti, is launching the 2019 Risk Management Maturity Survey, an opportunity for cyber and information risk professionals to rate their risk management practices and benchmark their organizations against their peers. 

Read More [fa icon="long-arrow-right"]

Aggregating Expert Opinion: Simple Averaging Method in Excel

[fa icon="calendar'] Aug 15, 2019 10:53:37 AM / by Tony Martin-Vegue posted in FAIR

[fa icon="comment"] 0 Comments

"Expert judgment has always played a large role in science and engineering. Increasingly, expert judgment is recognized as just another type of scientific data …" -Goossens et al., “Application and Evaluation of an Expert Judgment Elicitation Procedure for Correlations

Read More [fa icon="long-arrow-right"]

[Video] 4 Tips for Starting Your FAIR Program from Musso Shaikh of Fannie Mae

[fa icon="calendar'] Aug 7, 2019 10:44:22 AM / by Jeff B. Copeland posted in FAIR, Events

[fa icon="comment"] 0 Comments

Attendees at the FAIR Institute Breakfast during the recent Gartner Summit on Security and Risk Management heard tales of three successful FAIR cyber risk quantification programs from Matthew Martin of LPL Financial, Robert Immella of Key Bank and, lastly, Musso Shaikh, Program Manager, Cyber Threat Intelligence, at Fannie Mae, the big provider of mortgage financing.

Read More [fa icon="long-arrow-right"]

FAIR Institute Launches FAIR Enablement Program

[fa icon="calendar'] Aug 6, 2019 12:22:33 PM / by Luke Bader posted in FAIR, Fair Institute

[fa icon="comment"] 0 Comments

To support the rapid pace of growth in new membership to the FAIR Institute - now at 6,000 members strong and anticipated to surpass 7,000 by year end - the FAIR Institute is growing its support capability and focus on enablement programs for all of its members worldwide.

Read More [fa icon="long-arrow-right"]

Capital One Breach Shows Cybersecurity Is “Lost in Noise”,  Jack Jones Tells New York Times

[fa icon="calendar'] Aug 1, 2019 8:13:20 AM / by Jeff B. Copeland posted in FAIR, Jack Jones

[fa icon="comment"] 0 Comments

New York Times reporters Stacy Cowley and Nicole Perlroth turned to FAIR Institute Chairman and RiskLens Chief Risk Scientist Jack Jones to answer the question, why are big banks in an Endless Fight with Hackers, as their article on the massive Capital One breach asks. 

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts