FAIR Institute Blog

Webinar: Solving the Third-Party Risk Equation at Scale

[fa icon="calendar'] May 24, 2018 9:00:00 AM / by FAIR Institute Staff posted in Risk Management

[fa icon="comment"] 0 Comments

Enterprises operate their businesses on third-party platforms and services. Outsourcing of systems and services often involves significant risk, bestowing custodial responsibilities of large amounts of sensitive data and transaction capabilities to third-parties.

Read More [fa icon="long-arrow-right"]

Should Boards Establish a Separate Risk Committee?

[fa icon="calendar'] May 17, 2018 10:22:17 AM / by Nicola (Nick) Sanna posted in Risk Management

[fa icon="comment"] 0 Comments

In traditional board of directors committee structure, each of the board’s five main functions (strategy, executive selection and compensation, governance, audit, risk and compliance) is assigned to a different committee, except one: risk, long handled by the audit committee.

Read More [fa icon="long-arrow-right"]

[Video] FAIR Breakfast at RSAC: Jack Jones on “The Blueprint” for FAIR Program Success

[fa icon="calendar'] May 11, 2018 11:22:00 AM / by Jeff B. Copeland posted in FAIR, Risk Management, Events

[fa icon="comment"] 0 Comments

“To adopt FAIR simply means your organization is using it to make decisions,” FAIR Institute Chairman Jack Jones told the FAIR Institute Breakfast at the recent RSA Conference
Read More [fa icon="long-arrow-right"]

RSA CTO: “People Are Beginning to Think about Security in Risk Terms”

[fa icon="calendar'] May 9, 2018 9:27:46 AM / by Nicola (Nick) Sanna posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

In a video interview just out on eWeek, titled “RSA Taking a FAIR Approach to Defining Cyber-Risk”, RSA Chief Technology Officer Zulfikar Ramzan discusses what he calls the “exciting” new direction for RSA Archer: “cyber risk economics and cyber risk quantification.

Read More [fa icon="long-arrow-right"]

A Question of CISO Focus: Technology or Business?

[fa icon="calendar'] May 7, 2018 1:08:14 PM / by Jack Jones posted in Risk Management

[fa icon="comment"] 0 Comments

A few days ago I had the privilege of providing the opening keynote address at an IANS event in Dallas.  If you’re not familiar with IANS (Institute for Applied Network Security), I encourage you to look into it as I believe it serves a very useful purpose and is working hard to be forward-looking.  Regardless, one of the questions that was discussed at this event was how much of a CISO’s focus should be on business versus technology. 

Read More [fa icon="long-arrow-right"]

KRIs for Cybersecurity: Canaries in Coal Mines

[fa icon="calendar'] May 1, 2018 8:30:00 AM / by Jack Freund posted in FAIR, Risk Management

[fa icon="comment"] 2 Comments

For a long time, humans have used various organisms to help them detect dangerous environmental conditions. Animals used for this purpose are called ‘Sentinel Species’ by scientists -- the best example is the use of caged canaries to detect dangerous levels of carbon monoxide in coal mines.

Read More [fa icon="long-arrow-right"]

FAIR Pros Wrap Up RSAC18: The Year of Risk Awareness

[fa icon="calendar'] Apr 26, 2018 11:36:22 AM / by Jeff B. Copeland posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

Every year, the RSA Conference is a snapshot of the ever-evolving State of the Cybersecurity Profession (and the vendors who market to it), and this year the State is…more risk- and risk-quantification-aware than ever.

Read More [fa icon="long-arrow-right"]

Reserve a Spot: FAIR Institute Breakfast at Gartner Security & Risk Management

[fa icon="calendar'] Apr 23, 2018 2:31:03 PM / by Luke Bader posted in FAIR, Risk Management, Events

[fa icon="comment"] 0 Comments

The FAIR Institute is excited to announce our first breakfast meeting at the Gartner Security and Risk Management Summit on Tuesday, June 5, 2018 from 7:30 to 10 AM at National Harbor, MD. 

Read More [fa icon="long-arrow-right"]

Who (or What) Is Really a “Cyber Threat”

[fa icon="calendar'] Apr 2, 2018 3:10:15 PM / by David Musselwhite posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

The MIT Technology Review recently published an article about what they called “cyber threats.” While the article identifies trending attack methods and scenarios to be concerned about, none of the things that made the list are actually threats.

Read More [fa icon="long-arrow-right"]

Black Swans in Risk: Myth, Reality and Bad Metaphors

[fa icon="calendar'] Mar 19, 2018 12:00:00 PM / by Tony Martin-Vegue posted in FAIR, Risk Management

[fa icon="comment"] 3 Comments

The term “Black Swan event” has been part of the risk management lexicon since its coinage in 2007 by Nassim Taleb in his eponymous book titled The Black Swan: The Impact of the Highly Improbable.

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts