FAIR Institute Blog

Sponsored Webinar: RiskLens Introduces Rapid Risk Assessment Capability

[fa icon="calendar'] Aug 30, 2020 8:02:00 PM / by Luke Bader posted in Risk Management

[fa icon="comment"] 0 Comments

The FAIR Institute’s technical partner, RiskLens, joined us for a sponsored webinar to introduce Rapid Risk Assessment, a new capability on the RiskLens platform that brings high speed and high volume to FAIR™ analysis. 

Read More [fa icon="long-arrow-right"]

How FAIR Helped Me Rethink 3 IT Audit Questions

[fa icon="calendar'] Aug 26, 2020 10:03:56 AM / by Kevin Gust posted in Risk Management

[fa icon="comment"] 0 Comments

In my career as an IT auditor, there were a few questions I struggled to answer when communicating with clients and peers.

Read More [fa icon="long-arrow-right"]

Using FAIR to Understand Change in Resilience Risk – Guide and Webinar from Protiviti

[fa icon="calendar'] Aug 6, 2020 7:41:00 AM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 0 Comments

It’s a question increasingly asked by boards in these uncertain times: How resilient is our organization? FAIR Institute partner Protiviti is advancing a creative way to answer that question quantitatively using FAIR™.  

Read More [fa icon="long-arrow-right"]

How to Set Goals for a Cyber Risk Management Program and Integrate with ERM – Tips from the DOE

[fa icon="calendar'] Aug 4, 2020 7:58:00 AM / by Jeff B. Copeland posted in Risk Management, Government

[fa icon="comment"] 0 Comments

In a recent National institute of Standards and Technology webinar on integrating cybersecurity and ERM, Energy Dept. CISO Emery Csulak shared the goals his agency set for its transition to a cyber risk management program based on FAIR™ -- high-level principles that could apply equally to the government or corporate information security. 

Read More [fa icon="long-arrow-right"]

NISTIR 8286 Second Draft: Strong Focus on Risk Quantification for Aligning Cyber and Enterprise Risk Management

[fa icon="calendar'] Jul 30, 2020 7:42:00 AM / by Jack Freund posted in Risk Management, Government

[fa icon="comment"] 2 Comments

NIST has released a second draft of its groundbreaking NISTIR 8286 standard that provides a roadmap for organizations looking to better align cyber risk management with enterprise risk management functions.

Read More [fa icon="long-arrow-right"]

NASA’s Risk Management Handbook Shares the Spirit of FAIR™ and Quantitative Risk Analysis

[fa icon="calendar'] Jun 4, 2020 7:30:00 AM / by Jeff B. Copeland posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

With the first flight of an American spacecraft carrying NASA astronauts launched from US soil since 2011, a FAIR Institute Member sent us a note pointing out that the NASA Risk Management Handbook shares a lot of the spirit of FAIR™.  

Read More [fa icon="long-arrow-right"]

Five Questions the Board Should Ask the CISO

[fa icon="calendar'] May 21, 2020 7:34:00 AM / by Michael Radigan posted in Risk Management

[fa icon="comment"] 1 Comment

Board directors and senior executives are obligated to govern their organizations’ cyber risk management efforts. To this end, they are being educated by such organizations as the NACD or the Big 4 on foundational concepts of information security and cyber risk management.

Read More [fa icon="long-arrow-right"]

Primary vs. Secondary Loss in FAIR™ Analysis: What's the Difference and Why It Matters

[fa icon="calendar'] May 19, 2020 9:52:20 AM / by Taylor Maze and David Musselwhite posted in Risk Management

[fa icon="comment"] 3 Comments

“All models are wrong, but some are useful.” By those words, professor and statistician George Box reminds us that models, including the FAIR™ Model, are approximations of reality.

Read More [fa icon="long-arrow-right"]

How FAIR™ Can Help the US Federal Government Better Prioritize and Right-Size Its Cybersecurity Investments

[fa icon="calendar'] May 15, 2020 7:45:00 AM / by Nicola (Nick) Sanna posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

>>DHS/OMB mean well in pushing for a risk-based approach to cybersecurity in the Federal Government, but their requirements fall short of helping agencies effectively prioritize and right-size their cybersecurity investments

Read More [fa icon="long-arrow-right"]

Webinar: Jack Jones on Changing Executive Priorities and Investments in Security with Risk Quantification

[fa icon="calendar'] May 13, 2020 11:03:31 AM / by Luke Bader posted in Risk Management

[fa icon="comment"] 1 Comment

If you’re looking to make a case for budget or other executive support for a cybersecurity program, FAIR™ model creator Jack Jones shows you the way in this webinar

Read More [fa icon="long-arrow-right"]
LEARN MORE