FAIR Institute Blog

Mapping FAIR-CAM to Cybersecurity Frameworks: ‘Compliance Is Going to Radically Change’

[fa icon="calendar'] Nov 23, 2022 3:17:56 PM / by Jeff B. Copeland posted in FAIR-CAM, FAIR Conference 2022

[fa icon="comment"] 0 Comments

Hat tip to the members of the FAIR Institute who have done so much to develop FAIR™ as the standard for quantitative cyber risk analysis – and a special recognition medal to the team of volunteers who mapped the new FAIR-CAM controls analytics model

Read More [fa icon="long-arrow-right"]

FAIRCON22 Video: Jack Jones Explains FAIR Controls Analytics, RiskLens Previews the FAIR-CAM Tool for Quantitative Risk Analysis Automation

[fa icon="calendar'] Nov 3, 2022 9:48:34 AM / by Jeff B. Copeland posted in FAIR-CAM, FAIR Conference 2022

[fa icon="comment"] 0 Comments

Cyber risk analysis must scale to meet the rising challenges of cybersecurity, and automation of quantitative analysis will get us there.

Read More [fa icon="long-arrow-right"]

Automation Is the Future of Cyber Risk Quantification. Get a First Look, Attend the 2022 FAIR Conference

[fa icon="calendar'] Sep 21, 2022 10:20:51 AM / by Jeff B. Copeland posted in FAIR-CAM, FAIR Conference 2022

[fa icon="comment"] 0 Comments

Automating quantitative cyber risk analysis – pulling together updated controls telemetry, threat intel, asset data, audits information and more to produce always-on analytics

Read More [fa icon="long-arrow-right"]

FAIR Institute Message to NIST Proposes Enhancing the NIST CSF with Quantitative Controls Analysis (FAIR-CAM)

[fa icon="calendar'] Aug 17, 2022 9:18:33 AM / by Luke Bader posted in FAIR-CAM

[fa icon="comment"] 0 Comments

Contributing to the National Institute of Standards and Technology (NIST) effort to update the Cybersecurity Framework (NIST CSF), the FAIR Institute sent a proposal to help align the framework with the FAIR Controls Analytics Model (FAIR-CAM™)

Read More [fa icon="long-arrow-right"]

3 New Ways to Think about Cybersecurity Controls

[fa icon="calendar'] Jun 15, 2022 11:46:43 AM / by Jeff B. Copeland posted in FAIR-CAM

[fa icon="comment"] 1 Comment

Jack Jones introduced FAIR-CAM™, the FAIR Controls Analytics Model, to challenge the cybersecurity profession to move beyond its reflexive focus on cybersecurity controls lists

Read More [fa icon="long-arrow-right"]

Jack Jones Speaks at RSAC 2022 on AI, Automation, the Future of Risk Measurement and What It Will Take to Get There

[fa icon="calendar'] Jun 9, 2022 9:40:50 AM / by Jeff B. Copeland posted in Jack Jones, FAIR-CAM

[fa icon="comment"] 0 Comments

FAIR standard creator Jack Jones spoke this week at the 2022 RSA Conference with the message that the future of risk measurement and management is (drum roll) artificial intelligence and automation. You might have heard the same in vendor booths on the show floor, but not like Jack told it: The industry won’t get there without a major shift left

Read More [fa icon="long-arrow-right"]

What’s the Risk Reduction Effect of NIST CSF Maturity Scores? Jack Jones and the FAIR-CAM Team Are Working on It

[fa icon="calendar'] Mar 21, 2022 2:21:31 PM / by Jeff B. Copeland posted in FAIR-CAM

[fa icon="comment"] 0 Comments

Since Jack Jones introduced the FAIR Controls Analytics Model (FAIR-CAM™) at the 2021 FAIR Conference, “I get asked all the time, ‘Can we take our NIST CSF scores and plug them into FAIR-CAM and measure controls efficacy and risk reduction value?’”

Read More [fa icon="long-arrow-right"]

A Solution for Measuring Inherent Risk

[fa icon="calendar'] Feb 22, 2022 2:32:43 PM / by Jack Jones posted in Risk Management, FAIR-CAM

[fa icon="comment"] 0 Comments

If you search the FAIR Institute blog, you will find several posts about Inherent Risk, each highlighting fundamental problems with the standard definition for Inherent Risk and offering insights and advice regarding how to better define and use it.  To save you the trouble of finding and reading old posts, I’ll boil them down:

Read More [fa icon="long-arrow-right"]

Study Finds Employees Will Violate Security Policy to Get Their Work Done – FAIR-CAM Helps to Solve the Problem

[fa icon="calendar'] Jan 31, 2022 7:15:00 AM / by Jack Jones posted in FAIR-CAM

[fa icon="comment"] 0 Comments

A study sponsored by the National Science Foundation and reported in the Harvard Business Review, Research: Why Employees Violate Cybersecurity Policies, identified a wide disconnect between the demands of cybersecurity and the reality of day-to-day work for employees – one of the key gaps that the new FAIR Controls Analytics Model™ (FAIR-CAM™) is intended to help close.  

Read More [fa icon="long-arrow-right"]

How Cyber Risk Management Is Like Buying a Bike for Your Daughter – Understanding the FAIR Controls Analytics Model (FAIR-CAM)

[fa icon="calendar'] Jan 12, 2022 2:04:27 PM / by Jack Jones posted in Jack Jones, FAIR-CAM

[fa icon="comment"] 0 Comments

In writing the FAIR-CAM™ white paper, I took a short detour from the complex landscape of cybersecurity to explain the new FAIR Controls Analytics Model™ with an analogy that almost anyone can relate to.

Read More [fa icon="long-arrow-right"]
LEARN MORE
Content not found

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts