FAIR Institute Blog

How to Set Goals for a Cyber Risk Management Program and Integrate with ERM – Tips from the DOE

[fa icon="calendar'] Aug 4, 2020 7:58:00 AM / by Jeff B. Copeland posted in Risk Management, Government

[fa icon="comment"] 0 Comments

In a recent National institute of Standards and Technology webinar on integrating cybersecurity and ERM, Energy Dept. CISO Emery Csulak shared the goals his agency set for its transition to a cyber risk management program based on FAIR™ -- high-level principles that could apply equally to the government or corporate information security. 

Read More [fa icon="long-arrow-right"]

NISTIR 8286 Second Draft: Strong Focus on Risk Quantification for Aligning Cyber and Enterprise Risk Management

[fa icon="calendar'] Jul 30, 2020 7:42:00 AM / by Jack Freund posted in Risk Management, Government

[fa icon="comment"] 2 Comments

NIST has released a second draft of its groundbreaking NISTIR 8286 standard that provides a roadmap for organizations looking to better align cyber risk management with enterprise risk management functions.

Read More [fa icon="long-arrow-right"]

Watch the Webinar: How Financial Risk Quantification Can Help Federal Agencies Better Integrate Cybersecurity Risk and ERM

[fa icon="calendar'] Jul 22, 2020 11:05:41 AM / by Jeff B. Copeland posted in Government

[fa icon="comment"] 0 Comments

In this webinar, FAIR Institute President Nick Sanna gives the Association for Federal Enterprise Risk Management (AFERM) an introduction to FAIR, the international standard for cyber risk quantification

Read More [fa icon="long-arrow-right"]
LEARN MORE