Where are you at on your FAIR™ journey? Everyone has to start somewhere and often starting is the hardest part. Maybe you are FAIR trained and trying to figure out how to take the first step, maybe you use qualitative methods and still want to improve your program
Geoji Paul of Centene and Nathan Thomack of Emerson on What to Expect in Your FAIR™ Journey
[fa icon="calendar'] Jan 6, 2020 12:38:05 PM / by Geoji Paul and Nathan Thomack posted in FAIR, Risk Management, FAIR Conference 2019
NIST CSF Adds FAIR™, Videos from FAIR Conference 2019, and More Top 5 Topics of Our Blog in 2019
[fa icon="calendar'] Dec 31, 2019 10:12:53 AM / by Jeff B. Copeland posted in FAIR, Risk Management, FAIR Conference 2019
To judge from the most-read topics of the year, FAIR Institute blog readers were focused on keeping up with the risk quantification movement and learning all they could about FAIR™ best practices. Leading off the list were the two big events of the year, the 2019 FAIR Conference and the addition of FAIR to the NIST CSF
FAIRCON19 Video: Integrating Cyber Risk into ERM with Experts from BlackRock, DTCC, Freddie Mac
[fa icon="calendar'] Dec 19, 2019 9:35:43 AM / by Jeff B. Copeland posted in FAIR Conference 2019
One of the breakthroughs of cyber risk quantification through FAIR™ is to finally place cyber on a par with the other risks that roll up into enterprise risk management (ERM) instead of remaining in its own special silo. But to get to that place takes an effort at communication and coordination and even some org chart changes
FAIRCON 19 Video: How MassMutual Closes the Risk Management Loop with FAIR™
[fa icon="calendar'] Dec 12, 2019 7:17:00 AM / by Jeff B. Copeland posted in Risk Management, FAIR Conference 2019
FAIR™ can support every stage of a risk management program, as Greg Rothauser, Enterprise Business Information Information Security Officer (BISO) for MassMutual, told a session at the 2019 FAIR Conference – starting with the widely used wheel from NIST 800-39: Frame / Assess / Respond / Monitor.
FAIRCON19 Video: Use Case Panorama – FAIR™ Practitioner Success Stories from BB&T, Swisscom, Fidelity Investments and Daimler Mobility
[fa icon="calendar'] Nov 22, 2019 10:11:30 AM / by Jeff B. Copeland posted in FAIR Conference 2019
For ground-level, hands-on, advice on starting a FAIR™ quantitative risk management program, the Use Case Panorama session at the recent 2019 FAIR Conference was the place to be.
(Video) Meet a Member: Brandon Myers, Risk Management and Corporate Security Architect, Mastercard
[fa icon="calendar'] Nov 21, 2019 11:19:35 AM / by Luke Bader posted in Meet a Member, FAIR Conference 2019
Brandon Myers works IT security for Mastercard but also mission security for the Air Force as a member of the Reserve. We caught up with him at the 2019 FAIR Conference where he had just completed FAIR training (he rated it “amazing”). Brandon had an interesting psychological take on the value of FAIR:
FAIRCON19 Video: Tips on Building a Cybersecurity Program with a Risk Management Framework & FAIR
[fa icon="calendar'] Nov 14, 2019 10:43:57 AM / by Jeff B. Copeland posted in Risk Management, FAIR Conference 2019
Don’t think of cybersecurity standards and frameworks as checklists – think of them as recipes with plenty of room for “season to taste.” That was the message coming out of a panel discussion at the 2019 FAIR Conference on the topic “Building a Cybersecurity Program with a Risk Management Framework & FAIR,”
FAIRCON19 Video: CISOs from Fannie Mae, Highmark Health, Department of Energy, and Premise Health Talk FAIR Cyber Risk Quantification
[fa icon="calendar'] Nov 6, 2019 12:02:00 PM / by Jeff B. Copeland posted in FAIR Conference 2019
Led by FAIR model creator Jack Jones, the panel discussion “CISO Panel: Defining the Goals of an Effective Risk Management Program” at the recent 2019 FAIR Conference, covered a lot of ground. Four chief information security officers - speaking from hands-on experience - discussed everything from building a FAIR program, to briefing the board
(Video) Meet a Member: Daniel Davis, Security Analyst at Lyft
[fa icon="calendar'] Nov 6, 2019 10:08:57 AM / by Luke Bader posted in Meet a Member, FAIR Conference 2019
Daniel Davis, Security Analyst at Lyft in San Francisco, came to FAIR from an unusual, non-IT perspective – safety engineering. He first came to Lyft to work on safety for autonomous cars. “The way that FAIR defines risk as threat, asset and impact…is very similar to the way that safety engineering has treated hazards for years,” he says.
(Video) Meet a Member: Peter Higgins, Director, InfoSec Risk Management, Tyler Technologies
[fa icon="calendar'] Oct 31, 2019 11:13:19 AM / by Luke Bader posted in Meet a Member, FAIR Conference 2019
If you’re not in government IT, particularly state and local government, you may not have heard of Tyler Technologies, but it’s the largest software company in the nation solely focused on providing integrated software and technology services to the public sector. The company offers a huge range of software as a service applications