FAIR Institute Blog

How to Model Controls in a FAIR Risk Analysis

[fa icon="calendar'] Apr 12, 2018 9:00:00 AM / by Rebecca Merritt posted in FAIR

[fa icon="comment"] 2 Comments

As a former auditor, I understand the value a control has for an organization, a process or an application.  But, I’ll be honest I used to think a control was one dimensional. It didn’t really matter what the control protected, if the control wasn’t functioning properly or configured exactly to a ‘T’, it was failing.

Read More [fa icon="long-arrow-right"]

FAIR Institute Expands Education Partnerships

[fa icon="calendar'] Apr 10, 2018 9:00:00 AM / by Luke Bader posted in FAIR, FAIR University

[fa icon="comment"] 0 Comments

In September, 2017,  the FAIR Institute launched the FAIR University Curriculum with the goal of helping to fill a void in the industry by assisting academia in building information risk management programs and developing the next generation of cyber risk executives.

Read More [fa icon="long-arrow-right"]

FAIR Institute Events at the 2018 RSA Conference

[fa icon="calendar'] Apr 5, 2018 10:25:25 AM / by Luke Bader posted in FAIR, Events

[fa icon="comment"] 0 Comments

The FAIR Institute is excited to have our Chairman, Jack Jones, represent the Institute at multiple events and sessions at the 2018 RSA Conference in San Francisco later this month. If you’re in town attending the conference, stop by the events below to hear Jack speak on the importance of quantitative analysis--and to say hello.

Read More [fa icon="long-arrow-right"]

Webinar on Demand: Jack Jones' Tips on SEC Cybersecurity Guidance

[fa icon="calendar'] Apr 5, 2018 9:49:33 AM / by Jeff B. Copeland posted in FAIR, Jack Jones

[fa icon="comment"] 0 Comments

The Securities and Exchange Commission’s new guidance on cybersecurity risk disclosure landed with a thud in board rooms, C-suites and infosecurity shops, particularly for its requirements on reporting ongoing cyber risks

Read More [fa icon="long-arrow-right"]

Who (or What) Is Really a “Cyber Threat”

[fa icon="calendar'] Apr 2, 2018 3:10:15 PM / by David Musselwhite posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

The MIT Technology Review recently published an article about what they called “cyber threats.” While the article identifies trending attack methods and scenarios to be concerned about, none of the things that made the list are actually threats.

Read More [fa icon="long-arrow-right"]

Jack Jones Webinar on SEC Cyber Risk Disclosure Guidance: The FAIR Advantage

[fa icon="calendar'] Mar 29, 2018 11:37:13 AM / by Jeff B. Copeland posted in FAIR, Jack Jones

[fa icon="comment"] 0 Comments

Join Jack Jones, creator of the FAIR model for risk analysis, for a webinar on Tuesday, April 3, at 2 PM ET on “New SEC Cyber Risk Disclosure Guidance: The FAIR Advantage”.

Read More [fa icon="long-arrow-right"]

3 Tips for Better Risk Analysis Reporting

[fa icon="calendar'] Mar 27, 2018 11:30:00 AM / by Tyanna Smith posted in FAIR

[fa icon="comment"] 0 Comments

Reporting results from a risk analysis can seem like a daunting and cumbersome task. Even after a lot of work, key stakeholders may walk away without a good understanding of what the results truly mean.

Read More [fa icon="long-arrow-right"]

Webinar: FAIR Univ. Curriculum for Next-Generation Cyber Risk Executives

[fa icon="calendar'] Mar 20, 2018 9:00:00 AM / by Luke Bader posted in FAIR, FAIR University

[fa icon="comment"] 0 Comments

The FAIR Institute recently hosted a Virtual Panel Webinar on our FAIR University Curriculum. The webinar was held for interested professors and deans from academic institutions that are building information risk management courses, based on FAIR.

Read More [fa icon="long-arrow-right"]

Black Swans in Risk: Myth, Reality and Bad Metaphors

[fa icon="calendar'] Mar 19, 2018 12:00:00 PM / by Tony Martin-Vegue posted in FAIR, Risk Management

[fa icon="comment"] 3 Comments

The term “Black Swan event” has been part of the risk management lexicon since its coinage in 2007 by Nassim Taleb in his eponymous book titled The Black Swan: The Impact of the Highly Improbable.

Read More [fa icon="long-arrow-right"]

The SEC's New Cyber Risk Disclosure Guidance: Textbook Case for FAIR

[fa icon="calendar'] Mar 16, 2018 9:00:00 AM / by Jeff B. Copeland posted in FAIR, Risk Management

[fa icon="comment"] 2 Comments

Tips and insight from Jack Jones and Jack Freund, authors of the FAIR book...

The Securities and Exchange Commission’s new guidance on cyber risk disclosure has shaken up infosec teams, C-suiters and board members at public companies over the past two weeks.

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts