Cybersecurity wise man Phil Venables – CISO for Google Cloud, Member of the President's Council of Advisors on Science and Technology (PCAST) -- and many more achievements – recently wrote a blog post to help security leaders report on their performance.
FAIR Institute members were served in 2022 a banquet of blog posts, videos and other content for learning, practicing, evangelizing and defending risk quantification with Factor Analysis of Information Risk (FAIR™).
“Virtually every organization will tell you they do more controls management than risk management,” says Marta Palanques, Director of Risk Methodologies, Technology Risk Management, at Capital One, and with cybersecurity controls often numbering in the hundreds,
11,000 employees laid off by Meta. 10,000 by Amazon, 3,700 by Twitter. And there are heart-breaking stories of thousands more outside of the headline-grabbing FAANG organizations. It is truly an unprecedented time in the once-booming tech industry with recession looming, increasing labor costs, and rising uncertainty.
FAIR Institute leaders and members like to practice critical thinking and questioning conventional wisdom, and those skill sets can generate a steady supply of fresh insights
“Leadership Vision for 2022,” a new report from Gartner, the leading technology consulting firm, presents some solid advice for CISOs and other security and risk management leaders pulled in many directions
"I just think loss exposure is too low!” Many FAIR risk analysts have faced this response from a stakeholder at some point in their career. This rejection is often not a reflection of the work done by the analyst
If you’re looking to try Factor Analysis of Information Risk (FAIR™) in a lightweight way, these tools and resources will get you started – all of them offered by the FAIR Institute or shared by Institute members, particularly in sessions at the annual FAIR Conference.
The Harvard Law School Forum on Corporate Governance recently published an article, Proposed SEC Cyber Rules: A Game Changer for Public Companies, that outlines how new SEC rules could require an in-depth understanding of the potential liabilities related to cyber risk
Do you know your hurdle rate? Michael Carr, VP, CTO/CISO, at Health First, the Florida hospital operator and health insurance provider, recently gave a talk to the HealthITSecurity Virtual Summit that covered financial terms and metrics