FAIR Institute Blog

Academic Study Uncovers How Legal Privilege Undermines Cybersecurity

[fa icon="calendar'] Sep 13, 2022 10:52:00 AM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 0 Comments

"In their zeal to preserve the confidentiality of incident response efforts, lawyers frequently undermine the long-term cybersecurity of both their clients and society more broadly.”

Read More [fa icon="long-arrow-right"]

Dos and Don’ts of Using CVSS Scores in Cyber Risk Management

[fa icon="calendar'] May 24, 2022 2:12:25 PM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 1 Comment

CVSS scores are widely used – and widely mis-used – in cyber risk management. The Common Vulnerability Scoring System serves as a valuable alert system to point defenders to weaknesses in their defenses.  But because CVSS scoring is numeric, it is often confused as quantitative cyber risk analysis

Read More [fa icon="long-arrow-right"]

Analyzing Privacy Risk Using FAIR

[fa icon="calendar'] Apr 5, 2022 6:08:00 PM / by R. Jason Cronk posted in Risk Management, Member Content

[fa icon="comment"] 1 Comment

When I saw Jack Jones present on FAIR™ at an IANS Research Forum several years ago, it was like a light bulb went off in my head. I immediately ordered the FAIR book

Read More [fa icon="long-arrow-right"]

CRQ For All: Introducing My Cyber Risk Benchmark from RiskLens (Sponsored Post)

[fa icon="calendar'] Mar 14, 2022 6:00:00 AM / by James Graham posted in Risk Management

[fa icon="comment"] 0 Comments

Every day at RiskLens, we talk to organizations of all shapes, sizes, industries and levels of maturity about our mission to make cyber risk quantification (CRQ) and Factor Analysis of Information Risk (FAIR™) faster and easier for their organizations to adopt and implement.

Read More [fa icon="long-arrow-right"]

4 Ways FAIR Cyber Risk Analysis Saves Money

[fa icon="calendar'] Mar 2, 2022 5:13:31 PM / by Jeff B. Copeland posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

By quantifying cyber risk in financial terms, Factor Analysis of Information Risk (FAIR™) brings a bottom-line focus to budgeting and spending decisions

Read More [fa icon="long-arrow-right"]

A Solution for Measuring Inherent Risk

[fa icon="calendar'] Feb 22, 2022 2:32:43 PM / by Jack Jones posted in Risk Management, FAIR-CAM

[fa icon="comment"] 0 Comments

If you search the FAIR Institute blog, you will find several posts about Inherent Risk, each highlighting fundamental problems with the standard definition for Inherent Risk and offering insights and advice regarding how to better define and use it.  To save you the trouble of finding and reading old posts, I’ll boil them down:

Read More [fa icon="long-arrow-right"]

3 Risk Identification Questions You Should Be Asking

[fa icon="calendar'] Feb 8, 2022 11:59:00 PM / by David Musselwhite posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

Risk managers are always seeking to address the cybersecurity and technology risks that matter most to their organizations. But you can’t analyze and prioritize what you don’t identify.

Read More [fa icon="long-arrow-right"]

Cyber Risk Management: Establishing a Blueprint with FAIR

[fa icon="calendar'] Feb 1, 2022 7:56:00 AM / by Daniel Stone and Tyler Ross posted in Risk Management

[fa icon="comment"] 0 Comments

We recently had an opportunity to present a webinar in conjunction with the FAIR Institute about modeling and measuring cyber risk appetite with Factor Analysis of Information Risk (FAIR™), the international standard for cyber risk quantification.

Read More [fa icon="long-arrow-right"]

PRMIA Survey Finds Data a Major Pain Point for Risk Managers

[fa icon="calendar'] Oct 7, 2021 7:57:00 AM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 0 Comments

A recent survey by the Professional Risk Managers International Association (PRMIA) uncovered high frustration among risk professionals with data – the quality, usability, and general time suck required for the raw material of risk analysis.

Read More [fa icon="long-arrow-right"]

3 Ways FAIR Integrates with Your Existing Cybersecurity Programs

[fa icon="calendar'] Aug 19, 2021 8:30:24 AM / by Maria Echaniz posted in Risk Management

[fa icon="comment"] 0 Comments

As a member of the FAIR Enablement Specialist (FES) team at the FAIR Institute, I consult for many individuals and teams as they start on their journeys to better risk management through cyber risk quantification

Read More [fa icon="long-arrow-right"]
LEARN MORE
Content not found

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts