Again this year, the FAIR Institute has a major presence at the RSA Conference, April 24-27 in San Francisco, with two seminars led by cyber risk quantification authority Jack Jones
Attend a Seminar with FAIR Creator Jack Jones, Take FAIR Training at the 2023 RSA Conference
[fa icon="calendar'] Jan 25, 2023 9:36:12 AM / by Luke Bader posted in Jack Jones, FAIR Training
8 Insights from Jack Jones in 2022 on Automating Cyber Risk Analysis, Modeling Controls and Moving the Cyber Risk Profession Forward
[fa icon="calendar'] Dec 22, 2022 11:10:53 AM / by Jeff B. Copeland posted in Jack Jones
“Thought leadership” is a term that gets loosely applied to any kind of marketing material in the cyber risk/cybersecurity world – and then there’s Jack Jones, who has been indisputably out in front showing the risk and security professions the way up
Jack Jones on the Wrong Lessons from the Conviction of Former Uber CSO Joe Sullivan
[fa icon="calendar'] Dec 7, 2022 11:21:28 AM / by Jack Jones posted in Jack Jones
The Wall Street Journal recently published an article, “Whistleblower Reports of Lax Cybersecurity Expected to Rise,” reacting to the conviction of Joe Sullivan for his handling of two data breaches as CSO at Uber
FAIRCON22 Video: Jack Jones Explains FAIR Controls Analytics, RiskLens Previews the FAIR-CAM Tool for Quantitative Risk Analysis Automation
[fa icon="calendar'] Nov 3, 2022 9:48:34 AM / by Jeff B. Copeland posted in Jack Jones, FAIR-CAM, FAIR Conference 2022
Cyber risk analysis must scale to meet the rising challenges of cybersecurity, and automation of quantitative analysis will get us there.
Jack Jones FAIRCON Message to Cyber Risk Management Profession: "The First Step Is Recognizing that You Have a Problem"
[fa icon="calendar'] Oct 26, 2022 12:01:30 PM / by Jeff B. Copeland posted in Jack Jones, FAIR Conference 2022
Jack Jones, creator of Factor Analysis of Information Risk (FAIR™) and Chairman of the FAIR Institute, delivered a keynote address to the 2022 FAIR Conference emphasizing the fact that cyber risk measurement practices have been profoundly immature
Why Cyber Risk Quantification (CRQ) Demos Aren't Enough
[fa icon="calendar'] Aug 2, 2022 2:44:24 PM / by Jack Jones posted in Jack Jones
Imagine that you’re looking for an encryption solution. There are many providers on the market, all of whom use one of the well-vetted public encryption standards. But let’s imagine there’s a new player in the market — one that claims to have a vastly improved, but proprietary, solution.
Attacking FAIR - A Reply by Jack Jones
[fa icon="calendar'] Jul 27, 2022 5:42:49 PM / by Jack Jones posted in FAIR, Jack Jones
It was bound to happen. For years, Factor Analysis of Information Risk (FAIR™) was, for all intents and purposes, the only Cyber Risk Quantification (CRQ) model out there.
Jack Jones Speaks at RSAC 2022 on AI, Automation, the Future of Risk Measurement and What It Will Take to Get There
[fa icon="calendar'] Jun 9, 2022 9:40:50 AM / by Jeff B. Copeland posted in Jack Jones, FAIR-CAM
FAIR standard creator Jack Jones spoke this week at the 2022 RSA Conference with the message that the future of risk measurement and management is (drum roll) artificial intelligence and automation. You might have heard the same in vendor booths on the show floor, but not like Jack told it: The industry won’t get there without a major shift left
Jack Jones: Automating Cyber Risk Quantification (Part 5 of 5)
[fa icon="calendar'] May 10, 2022 7:45:00 AM / by Jack Jones posted in Jack Jones, Jack Jones on Automating CRQ
In the previous post, I provided examples of some controls-related data that can’t be used to support automated cyber risk quantification (CRQ). But the news isn’t all bad. There are some data that can be used to support CRQ.
Jack Jones: Automating Cyber Risk Quantification (Part 4 of 5)
[fa icon="calendar'] May 3, 2022 1:50:19 PM / by Jack Jones posted in Jack Jones, Jack Jones on Automating CRQ
I covered a lot of ground in the previous posts, and rather than summarize them here I’ll assume you’ve read those posts already. So, let’s dive into the last analytic dimension…