While the beachhead for FAIR™ adoption in most organizations is on the cyber side, Michael Kenney, Vice President of Operational Risk for the Multifamily business line at Freddie Mac, the big secondary mortgage buyer, is introducing FAIR and quantification starting from the operational risk side – or, as he says with a “wider footprint.”
Tom Callaghan and Christophe Foret pioneered FAIR™ in Europe, both as founders of the Paris Chapter of the Institute and of consulting firm C-Risk, the European leader in cyber risk quantification services.
Risk quantification pioneers come to FAIR™ from all different directions but Alex Rogozhin, Sr. Manager, Cybersecurity Intelligence Team, at banking company Truist had one of the more unusual journeys.
Welcome the St. Louis Chapter to the FAIR™ Institute, with a kickoff meeting on March 10, thanks to the organizational efforts of Co-Chairs Nathan Thomack, Manager of Cyber Risk Management at Emerson, and Nick Corzine, Manager of Quantitative Risk Analysis at Centene.
Many FAIR program leaders start at a ground level and work their way up to a board presentation. Chris Golden started at the top, as he tells FAIR Institute Director Luke Bader in this podcast interview, demonstrating FAIR to the board for the green light on a risk quantification initiative.
Robert Immella, Senior Information Security Risk Analyst and FAIR™ Cyber Risk Analyst for KeyBank, talked with us at FAIRCON19 about the thoughtful approach he’s taken to implement a FAIR program at the bank, starting with building support among subject matter experts and other stakeholders
Brandon Myers works IT security for Mastercard but also mission security for the Air Force as a member of the Reserve. We caught up with him at the 2019 FAIR Conference where he had just completed FAIR training (he rated it “amazing”). Brandon had an interesting psychological take on the value of FAIR:
Daniel Davis, Security Analyst at Lyft in San Francisco, came to FAIR from an unusual, non-IT perspective – safety engineering. He first came to Lyft to work on safety for autonomous cars. “The way that FAIR defines risk as threat, asset and impact…is very similar to the way that safety engineering has treated hazards for years,” he says.
If you’re not in government IT, particularly state and local government, you may not have heard of Tyler Technologies, but it’s the largest software company in the nation solely focused on providing integrated software and technology services to the public sector. The company offers a huge range of software as a service applications
Keith Weinbaum stood the standard FAIR adoption model on its head: He introduced FAIR and cyber risk quantification to executives at Quicken Loans by applying it to risk scenarios they understood already from the mortgage business, and with that acceptance in hand moved on to using FAIR in enterprise risk management, and finally cyber.