FAIR Institute Blog

Gartner Endorses Risk Quantification as Critical to Integrated Risk Management

[fa icon="calendar'] Jul 19, 2018 8:30:00 AM / by Jeff B. Copeland posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

Gartner, the influential technology consulting firm, has named “risk quantification and analytics” to its list of “critical capabilities” for integrated risk management (IRM), the latest endorsement for a FAIR-style approach to managing cyber risk based on financial analysis.  

Read More [fa icon="long-arrow-right"]

Jack Jones in 'Dark Reading': Loose Talk on ‘Risk’ Damages Infosec Profession

[fa icon="calendar'] Jul 12, 2018 8:45:00 AM / by Jeff B. Copeland posted in FAIR, Risk Management, Jack Jones

[fa icon="comment"] 0 Comments

In a new commentary on the Dark Reading website, What We Talk About When We Talk About Risk, FAIR Institute Chairman and cyber risk quantification pioneer Jack Jones takes the cybersecurity profession to task for the many confused – and confusing – ways it uses the term risk.

Read More [fa icon="long-arrow-right"]

IMF Chief Says Finance Sector Urgently Needs Cyber Risk Quantification

[fa icon="calendar'] Jul 9, 2018 8:00:00 AM / by Nicola (Nick) Sanna posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

In a recent LinkedIn post, Christine Lagarde, Managing Director of the International Monetary Fund, calls cyber risk not just a top risk but “a significant threat to the financial system” and cites a new IMF study that cyber attacks could already cost banks close to nine percent of net income globally or around $100 billion on average a year. 

Read More [fa icon="long-arrow-right"]

Jack Jones and James Lam on NACD Blog: “Get the Right Cybersecurity Reports”

[fa icon="calendar'] Jun 25, 2018 9:00:00 AM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 0 Comments

If you’re a board member looking to get your arms around cybersecurity – or a CISO or other IT risk officer looking to win the admiration and support of your board – Jack Jones, the FAIR model creator and cyber risk guru, and James Lam, the enterprise risk management authority, have some very specific recommendations

Read More [fa icon="long-arrow-right"]

Our Addiction to "Zero Cost" Risk Measurement

[fa icon="calendar'] Jun 20, 2018 9:00:00 AM / by Jack Jones posted in Risk Management

[fa icon="comment"] 0 Comments

One of the significant hurdles we have to overcome as a profession is our addiction to “zero cost” risk measurement.  Let me explain…

Read More [fa icon="long-arrow-right"]

Expert Tips on Adopting FAIR from Our Breakfast Meeting at Gartner

[fa icon="calendar'] Jun 8, 2018 1:25:31 PM / by Jeff B. Copeland posted in FAIR, Risk Management, Events

[fa icon="comment"] 0 Comments

The FAIR Institute breakfast during the recent Gartner Security & Risk Management Summit was an opportunity for FAIR newbies to soak up advice from veteran practitioners.

Read More [fa icon="long-arrow-right"]

Webinar: Solving the Third-Party Risk Equation at Scale

[fa icon="calendar'] May 24, 2018 9:00:00 AM / by FAIR Institute Staff posted in Risk Management

[fa icon="comment"] 0 Comments

Enterprises operate their businesses on third-party platforms and services. Outsourcing of systems and services often involves significant risk, bestowing custodial responsibilities of large amounts of sensitive data and transaction capabilities to third-parties.

Read More [fa icon="long-arrow-right"]

Should Boards Establish a Separate Risk Committee?

[fa icon="calendar'] May 17, 2018 10:22:17 AM / by Nicola (Nick) Sanna posted in Risk Management

[fa icon="comment"] 0 Comments

In traditional board of directors committee structure, each of the board’s five main functions (strategy, executive selection and compensation, governance, audit, risk and compliance) is assigned to a different committee, except one: risk, long handled by the audit committee.

Read More [fa icon="long-arrow-right"]

[Video] FAIR Breakfast at RSAC: Jack Jones on “The Blueprint” for FAIR Program Success

[fa icon="calendar'] May 11, 2018 11:22:00 AM / by Jeff B. Copeland posted in FAIR, Risk Management, Events

[fa icon="comment"] 0 Comments

“To adopt FAIR simply means your organization is using it to make decisions,” FAIR Institute Chairman Jack Jones told the FAIR Institute Breakfast at the recent RSA Conference
Read More [fa icon="long-arrow-right"]

RSA CTO: “People Are Beginning to Think about Security in Risk Terms”

[fa icon="calendar'] May 9, 2018 9:27:46 AM / by Nicola (Nick) Sanna posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

In a video interview just out on eWeek, titled “RSA Taking a FAIR Approach to Defining Cyber-Risk”, RSA Chief Technology Officer Zulfikar Ramzan discusses what he calls the “exciting” new direction for RSA Archer: “cyber risk economics and cyber risk quantification.

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts