If you practice risk management in a regulated industry, particularly finance, you’ll want to watch this video of a discussion at the recent FAIR Conference 2017 in Dallas that brought together veteran regulators from the Federal Reserve and Office of Comptroller of the Currency (OCC), plus an insurance company attorney and privacy officer.
FAIR leaders from Walmart, Chevron and Hewlett Packard Enterprise sat down with FAIR creator Jack Jones for a panel discussion at the recent FAIR Conference 2017 to talk over the unavoidable mindset changes that go along with successfully introducing the FAIR risk model to an organization.
“It’s relatively rare that you get security leaders and board members together on a panel to talk about things,” says Wade Baker, who moderated “What CISOs Need to Tell the Board About Cyber and Technology Risk” panel discussion at FAIR Conference 2017.
Dashboards. Metrics. Data. Everybody has them; most don’t know how to use them effectively. It’s a bold statement; but, according to Jack Jones and Jack Freund it is a truism in the risk management field.
“You are clearly out of compliance with a federal law.” When you, as a risk management professional, hear this, what is your first reaction?
A. “Yikes! We better fix that immediately!”
B. “That sounds like a problem for the Compliance Department?”
C. “So what? The government has it’s hand in everything, let us run our business!”
D. “Hmm…let’s perform a risk analysis and see if we should be concerned.”
In this short video interview for RSA, Jack Jones, Chairman of the FAIR Institute, and RiskLens CEO Nick Sanna give a high level introduction to the value proposition of FAIR: changing the mindset among risk professionals that keeps them in permanent crisis mode.
Kim Jones is a 30-year cybersecurity and intelligence veteran – his most recent private sector job was CSO at credit card processor Vantiv, where he started experimenting with FAIR more than five years ago. Recently, he turned cyber-educator as Director of the Cybersecurity Education Consortium at Arizona State University. We talked to Kim at the recent FAIR Conference 2017, where he appeared on the panel “What CISOs Need to Tell the Board”.
Front-line experience, freely shared among friends – that about sums up the spirit of the speakers at the recent FAIR Conference 2017, a lineup of leading FAIR practitioners who were amazingly candid about their success and challenges in spreading the FAIR risk revolution to their organizations.
UPDATE: The FAIR-U training app is now available. Get access to the web app now.
At the FAIR Conference in mid-October, the FAIR Institute will introduce FAIR-U, our first officially sanctioned training application for running FAIR risk analysis, guaranteed to correctly leverage the FAIR model.