FAIR Institute Blog

[Video] FAIRCON18 Panel Explains How to Bridge the Gap Between CISO and CRO

[fa icon="calendar'] Nov 13, 2018 10:53:17 AM / by Jeff B. Copeland posted in FAIR Conference 2018, Risk Management

[fa icon="comment"] 0 Comments

As the FAIR model and risk quantification brings cyber risk management in line with the rest of enterprise risk management, the roles of CISO and CRO also pull closer together. A panel discussion at the recent 2018 FAIR Conference showed a cooperative CISO/CRO relationship in action

Read More [fa icon="long-arrow-right"]

[Video] James Lam’s FAIRCON18 Keynote on ERM, Cybersecurity Oversight and Cyber Risk's Future

[fa icon="calendar'] Nov 7, 2018 9:00:00 AM / by Jeff B. Copeland posted in FAIR Conference 2018, Risk Management

[fa icon="comment"] 0 Comments

At the recent 2018 FAIR Conference, James Lam, the enterprise risk management and corporate governance authority and chairman of the risk committee for the E*TRADE board of directors, gave a master class

Read More [fa icon="long-arrow-right"]

What Drives Value in Cyber Risk Reporting? 2018 'Cyber Balance Sheet' Answers

[fa icon="calendar'] Nov 6, 2018 9:00:00 AM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 0 Comments

Greetings FAIR Instituters! I’m glad to be able to give you a summary of research that many of you participated in a few months ago. Before I do that, though, we need to rewind a bit further back in time.  

Read More [fa icon="long-arrow-right"]

[Video] Jack Jones FAIRCON18 Keynote: “Too Often We Fall Back on Easy Answers”

[fa icon="calendar'] Oct 31, 2018 11:11:26 AM / by Jeff B. Copeland posted in FAIR Conference 2018, Jack Jones, FAIR, Risk Management

[fa icon="comment"] 0 Comments

Jack Jones, FAIR Institute chairman and creator of Factor Analysis of Information Risk, gave a remarkable keynote address to the 2018 FAIR Conference at Carnegie Mellon University in  Pittsburgh that was both an unsparing look at the limitations of the risk profession and a prescription for how to break through to The Next Frontier in Risk Management

Read More [fa icon="long-arrow-right"]

The Rapid Rise of Cyber Fines Makes FAIR More Important Than Ever

[fa icon="calendar'] Oct 10, 2018 10:48:18 AM / by Chip Block posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

The last several months has seen a frightening jump in the fines and judgments against companies over cyber breaches. Uber settled on a $148M fine for their handling of their 2016 breach, Yahoo was hit with an SEC fine of $35M for their disclosure of the breach of their email accounts

Read More [fa icon="long-arrow-right"]

7 Steps to Start Risk Assessment – Advice from 3 FAIR Experts in Dark Reading

[fa icon="calendar'] Oct 5, 2018 12:00:00 PM / by Jeff B. Copeland posted in Jack Jones, Risk Management, FAIR

[fa icon="comment"] 0 Comments

Dark Reading is just out with 7 Steps to Start Your Risk Assessment, a handy guide to FAIR concepts that draws on the advice of three FAIR experts

Read More [fa icon="long-arrow-right"]

Jack Jones on the Big Breach: Facebook May Pay but Should They?

[fa icon="calendar'] Oct 5, 2018 8:41:24 AM / by Jeff B. Copeland posted in Jack Jones, Risk Management

[fa icon="comment"] 2 Comments

While we’re still learning the details of that massive data breach at Facebook – account keys for 50 million users stolen, and potentially wider impact as the same keys were used to log in to third party accounts – FAIR Institute Chairman Jack Jones says this incident, like others before it, exposes some of the shaky underpinnings of cybersecurity risk management.

Read More [fa icon="long-arrow-right"]

New White Paper by Jack Jones: ‘Managing Cybersecurity Surprises’

[fa icon="calendar'] Sep 20, 2018 9:00:00 AM / by Jeff B. Copeland posted in Risk Management, White Paper

[fa icon="comment"] 1 Comment

“Executives hate surprises” begins a new white paper, Managing Cybersecurity Surprises – the Executive’s Perspective, by FAIR model creator Jack Jones, and goes on to detail the four most likely reasons that organizations get blindsided by cybersecurity failures:

Read More [fa icon="long-arrow-right"]

Learn Your Cyber Risk ‘Jobs to Be Done’ at the FAIR Conference

[fa icon="calendar'] Sep 6, 2018 1:39:51 PM / by Jeff B. Copeland posted in FAIR Conference 2018, Risk Management, FAIR

[fa icon="comment"] 0 Comments

It’s a powerful concept in innovation laid out in the Jobs to Be Done theory: Know what your user hopes to accomplish and provide the solution to that specific need.  In planning the 2018 FAIR Conference (October 16-17, Carnegie Mellon University, Pittsburgh), the FAIR Institute built the conference agenda with an eye on the jobs that conference attendees (and their organizations) need to get done.

Read More [fa icon="long-arrow-right"]

Organizational Signals for Changing Risk Appetite

[fa icon="calendar'] Aug 28, 2018 9:00:00 AM / by Jack Freund posted in Risk Management

[fa icon="comment"] 1 Comment

In 2015, the North Carolina Department of Transportation (NC DOT) completed the I-485 project it began in 1988. This delivered to Charlotte a 67-mile outer belt loop around the city that it had desperately needed. With the completion of the last 5.7 miles of the freeway, the NC DOT also declared that the speed limit would rise from 65 to 70 mph.

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts