Enhancing the 3 Lines of Defense with FAIR Risk Analysis (Part 2: Third Line) Quantitative risk analysis solves the communication problem across operational management, compliance and risk management teams. Read More
Enhancing the Three Lines of Defense in Risk Management with FAIR Risk Analysis (Part 1: First & Second Lines) Quantitative risk analysis solves the communication problem across operational management, compliance and risk management teams. Read More
Create a Forward-Looking Risk Register to Anticipate Supply Chain Attacks - Part 2 of 'Modeling the Vulnerability du Jour' 4-step process to identify risk register blind spots, brainstorm new risks, integrate them into your register, and implement continuous monitoring. Read More
'Risk Appetite' vs. 'Risk Tolerance'. What’s the Difference? Jack Jones explainins two risk management concepts often confused in risk analysis. Read More
The Good News: World Economic Forum Finds CISOs and Boards Talking More But gaining leadership buy-in for cybersecurity initiatives still a challenge. Cyber risk quantification with FAIR is the best communication tool. Read More
Academic Study Uncovers How Legal Privilege Undermines Cybersecurity How attorneys influence cyber risk assessments and cyber-incident reporting so no paper trail could be used as evidence in a lawsuit. Read More
Dos and Don’ts of Using CVSS Scores in Cyber Risk Management Because CVSS scoring is numeric, it is often confused as quantitative cyber risk analysis – it’s not. Read More
Analyzing Privacy Risk Using FAIR Privacy expert R. Jason Cronk on how to apply principles of quantitative risk analysis to privacy issues such as GDPR. Read More
CRQ For All: Introducing My Cyber Risk Benchmark from RiskLens (Sponsored Post) A simpler, easier way for organizations to quantify cyber risk and present it in terms the business understands. Read More
4 Ways FAIR Cyber Risk Analysis Saves Money By quantifying cyber risk in financial terms, FAIR brings a bottom-line focus. Read More
