FAIR Institute Blog

Attend a Seminar with FAIR Creator Jack Jones, Take FAIR Training at the 2023 RSA Conference

[fa icon="calendar'] Jan 25, 2023 9:36:12 AM / by Luke Bader posted in Jack Jones, FAIR Training

[fa icon="comment"] 0 Comments

Again this year, the FAIR Institute has a major presence at the RSA Conference, April 24-27 in San Francisco, with two seminars led by cyber risk quantification authority Jack Jones

Read More [fa icon="long-arrow-right"]

8 Insights from Jack Jones in 2022 on Automating Cyber Risk Analysis, Modeling Controls and Moving the Cyber Risk Profession Forward

[fa icon="calendar'] Dec 22, 2022 11:10:53 AM / by Jeff B. Copeland posted in Jack Jones

[fa icon="comment"] 0 Comments

“Thought leadership” is a term that gets loosely applied to any kind of marketing material in the cyber risk/cybersecurity world – and then there’s Jack Jones, who has been indisputably out in front showing the risk and security professions the way up

Read More [fa icon="long-arrow-right"]

Jack Jones on the Wrong Lessons from the Conviction of Former Uber CSO Joe Sullivan

[fa icon="calendar'] Dec 7, 2022 11:21:28 AM / by Jack Jones posted in Jack Jones

[fa icon="comment"] 0 Comments

The Wall Street Journal recently published an article, “Whistleblower Reports of Lax Cybersecurity Expected to Rise,” reacting to the conviction of Joe Sullivan for his handling of two data breaches as CSO at Uber

Read More [fa icon="long-arrow-right"]

FAIRCON22 Video: Jack Jones Explains FAIR Controls Analytics, RiskLens Previews the FAIR-CAM Tool for Quantitative Risk Analysis Automation

[fa icon="calendar'] Nov 3, 2022 9:48:34 AM / by Jeff B. Copeland posted in Jack Jones, FAIR-CAM, FAIR Conference 2022

[fa icon="comment"] 0 Comments

Cyber risk analysis must scale to meet the rising challenges of cybersecurity, and automation of quantitative analysis will get us there.

Read More [fa icon="long-arrow-right"]

Jack Jones FAIRCON Message to Cyber Risk Management Profession: "The First Step Is Recognizing that You Have a Problem"

[fa icon="calendar'] Oct 26, 2022 12:01:30 PM / by Jeff B. Copeland posted in Jack Jones, FAIR Conference 2022

[fa icon="comment"] 0 Comments

Jack Jones, creator of Factor Analysis of Information Risk (FAIR™) and Chairman of the FAIR Institute, delivered a keynote address to the 2022 FAIR Conference emphasizing the fact that cyber risk measurement practices have been profoundly immature

Read More [fa icon="long-arrow-right"]

Why Cyber Risk Quantification (CRQ) Demos Aren't Enough

[fa icon="calendar'] Aug 2, 2022 2:44:24 PM / by Jack Jones posted in Jack Jones

[fa icon="comment"] 0 Comments

Imagine that you’re looking for an encryption solution.  There are many providers on the market, all of whom use one of the well-vetted public encryption standards.  But let’s imagine there’s a new player in the market — one that claims to have a vastly improved, but proprietary, solution. 

Read More [fa icon="long-arrow-right"]

Attacking FAIR - A Reply by Jack Jones

[fa icon="calendar'] Jul 27, 2022 5:42:49 PM / by Jack Jones posted in FAIR, Jack Jones

[fa icon="comment"] 1 Comment

It was bound to happen.  For years, Factor Analysis of Information Risk (FAIR™) was, for all intents and purposes, the only Cyber Risk Quantification (CRQ) model out there.

Read More [fa icon="long-arrow-right"]

Jack Jones Speaks at RSAC 2022 on AI, Automation, the Future of Risk Measurement and What It Will Take to Get There

[fa icon="calendar'] Jun 9, 2022 9:40:50 AM / by Jeff B. Copeland posted in Jack Jones, FAIR-CAM

[fa icon="comment"] 0 Comments

FAIR standard creator Jack Jones spoke this week at the 2022 RSA Conference with the message that the future of risk measurement and management is (drum roll) artificial intelligence and automation. You might have heard the same in vendor booths on the show floor, but not like Jack told it: The industry won’t get there without a major shift left

Read More [fa icon="long-arrow-right"]

Jack Jones: Automating Cyber Risk Quantification (Part 5 of 5)

[fa icon="calendar'] May 10, 2022 7:45:00 AM / by Jack Jones posted in Jack Jones, Jack Jones on Automating CRQ

[fa icon="comment"] 0 Comments

In the previous post, I provided examples of some controls-related data that can’t be used to support automated cyber risk quantification (CRQ).  But the news isn’t all bad.  There are some data that can be used to support CRQ.

Read More [fa icon="long-arrow-right"]

Jack Jones: Automating Cyber Risk Quantification (Part 4 of 5)

[fa icon="calendar'] May 3, 2022 1:50:19 PM / by Jack Jones posted in Jack Jones, Jack Jones on Automating CRQ

[fa icon="comment"] 0 Comments

I covered a lot of ground in the previous posts, and rather than summarize them here I’ll assume you’ve read those posts already.  So, let’s dive into the last analytic dimension…

Read More [fa icon="long-arrow-right"]
LEARN MORE
Content not found

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts