FAIR Institute Blog

Identifying the Right Risk Scenarios to Measure with FAIR

[fa icon="calendar'] Jun 28, 2022 9:30:00 AM / by Raksha Shenoy posted in Member Content

[fa icon="comment"] 4 Comments

When one hears about challenges in cyber risk quantifications, many topics such as reporting, data sourcing, budget, etc. may come to mind, but one of the most challenging aspects is scenario scoping

Read More [fa icon="long-arrow-right"]

Analyzing Privacy Risk Using FAIR

[fa icon="calendar'] Apr 5, 2022 6:08:00 PM / by R. Jason Cronk posted in Risk Management, Member Content

[fa icon="comment"] 1 Comment

When I saw Jack Jones present on FAIR™ at an IANS Research Forum several years ago, it was like a light bulb went off in my head. I immediately ordered the FAIR book

Read More [fa icon="long-arrow-right"]

Human Nature in Our FAIR Risk Programs: Work With It, Not Against It

[fa icon="calendar'] Feb 8, 2022 12:05:47 PM / by Zach Cossairt posted in Member Content

[fa icon="comment"] 0 Comments

As a graduate student exploring the emerging field of Behavioral Economics, or the science and art of judgment and decision-making, I have the unique opportunity to regularly draw from this study’s foundational concepts and directly apply them to communicate risk

Read More [fa icon="long-arrow-right"]

3 Quick Steps for FAIR Program Maturity

[fa icon="calendar'] Jan 27, 2022 9:00:00 AM / by Caleb Juhnke posted in Member Content

[fa icon="comment"] 0 Comments

“Don’t boil the ocean,” “manage expectations” and “baby steps” are common phrases that capture the mindset needed for consistent, sustained growth of a FAIR™ cyber risk quantification program. But every now and then it’s nice to get some quick wins to gain visibility and establish credibility within your organization.

Read More [fa icon="long-arrow-right"]

4 Questions and 4 Action Steps to Get a FAIR Program Off the Ground

[fa icon="calendar'] Nov 10, 2021 8:30:37 AM / by Evan Wheeler posted in Member Content, FAIR Conference 2021

[fa icon="comment"] 0 Comments

After watching Prashanthi and Tony’s fireside chat at the 2021 FAIR Conference about getting a FAIR program started, I was struck by the simple and insightful themes that they kept repeating.  Well, simple on paper, but not always easy to keep in mind when you’re in the thick of a FAIR rollout. 

Read More [fa icon="long-arrow-right"]

White Paper: Data Governance Practices for Cyber Risk Management

[fa icon="calendar'] Sep 8, 2021 3:13:33 PM / by Jeff B. Copeland posted in Member Content

[fa icon="comment"] 0 Comments

In an extensive white paper, Evan Wheeler, FAIR Institute Advisory Board Member and VP of Risk Management at Fintech firm NVDR, makes a strong case for the importance of data quality, integrity, and usability as core tenets of the data governance process

Read More [fa icon="long-arrow-right"]

Why Risk Teams Should Be Champions for Data Governance in Fintech Firms

[fa icon="calendar'] Jul 28, 2021 12:26:09 PM / by Evan Wheeler posted in Member Content

[fa icon="comment"] 0 Comments

Ask a cyber risk professional about data governance practices, and they will likely tell you tales of classification schemes, access controls, and encryption … but we often overlook the importance of data quality, integrity, and usability that are core tenants of a robust data governance process. 

Read More [fa icon="long-arrow-right"]

Calculating Your Company’s Total Cybersecurity Risk Exposure (Part 2)

[fa icon="calendar'] Jun 16, 2021 3:17:49 PM / by Gideon Knocke posted in Member Content

[fa icon="comment"] 0 Comments

In the first part of my blog post I focused on calculating the impact of a cybersecurity breach in relation to a company’s size and industry. In part two, I present an approach to better understand how often a company will experience security breaches.

Read More [fa icon="long-arrow-right"]

“What They Didn’t Teach You in FAIR School” – Ground-level Insights on Building a Successful Quantitative Risk Analysis Program from Jack Whitsitt

[fa icon="calendar'] Jun 3, 2021 8:30:00 AM / by Jeff B. Copeland posted in FAIR, Member Content

[fa icon="comment"] 0 Comments

Jack Whitsitt has been a FAIR practitioner since 2016, built the quantitative risk analysis program at Bank of America and is now doing the same at Datto (the services provider to MSPs)

Read More [fa icon="long-arrow-right"]

Hacking the COVID Cold Chain: A Health Care Sector Example of FAIR

[fa icon="calendar'] Apr 26, 2021 4:06:32 PM / by Colin Connor and Itzik Kotler posted in Risk Management, Member Content

[fa icon="comment"] 1 Comment

In September, 2020, our IBM X-Force IRIS security analysis group began tracking strange phishing attacks targeting suppliers of HVAC equipment and services.

Read More [fa icon="long-arrow-right"]
LEARN MORE
Content not found

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts