Robert Immella, Senior Information Security Risk Analyst and FAIR™ Cyber Risk Analyst for KeyBank, talked with us at FAIRCON19 about the thoughtful approach he’s taken to implement a FAIR program at the bank, starting with building support among subject matter experts and other stakeholders
Brandon Myers works IT security for Mastercard but also mission security for the Air Force as a member of the Reserve. We caught up with him at the 2019 FAIR Conference where he had just completed FAIR training (he rated it “amazing”). Brandon had an interesting psychological take on the value of FAIR:
Daniel Davis, Security Analyst at Lyft in San Francisco, came to FAIR from an unusual, non-IT perspective – safety engineering. He first came to Lyft to work on safety for autonomous cars. “The way that FAIR defines risk as threat, asset and impact…is very similar to the way that safety engineering has treated hazards for years,” he says.
If you’re not in government IT, particularly state and local government, you may not have heard of Tyler Technologies, but it’s the largest software company in the nation solely focused on providing integrated software and technology services to the public sector. The company offers a huge range of software as a service applications
Keith Weinbaum stood the standard FAIR adoption model on its head: He introduced FAIR and cyber risk quantification to executives at Quicken Loans by applying it to risk scenarios they understood already from the mortgage business, and with that acceptance in hand moved on to using FAIR in enterprise risk management, and finally cyber.
At FAIRCON19, we caught up with Annie Lavoie, Director, IT Risk Management for the Business Development Bank of Canada (BDC), a government-supported financial institution devoted exclusively to funding entrepreneurs. Annie is an auditor who moved into IT risk at BDC within the past three years and is now one of the leaders of the FAIR adoption program
Simone Petrella, the newest member of the FAIR Institute Advisory Board, comes from a key partner of the Institute, CyberVista, the leading cybersecurity education and workforce development company, particularly known for its board of directors education work.
At the FAIR Institute Breakfast during the recent Gartner Security and Risk Management Summit, Robert Immella FAIR cyber risk analyst for KeyBank, gave a talk filled with actionable tips
Chris Porter first learned about FAIR years ago working in cybersecurity at Verizon, where he led the respected DBIR report, developed the Vocabulary for Event Recording and Incident Sharing (VERIS) system for classifying security events, and later built the company’s threat intel team.
When Tim Titcomb was first introduced to FAIR by co-workers at Fidelity, "we walked out of the room and sort of shrugged and we did not have the red pill/blue pill moment. But I'd been looking for an opportunity to re-engergize the risk team I had just taken over, give us some direction and really start to do more proactive risk assessment...