FAIR Institute Blog

ACCA Urges Accountants to Play a Leading Role in Assessing and Communicating Risk

[fa icon="calendar'] Jul 20, 2021 10:47:43 AM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 0 Comments

A new white paper from the Association of Chartered Certified Accountants (ACCA), “Rethinking Risk for the Future”, argues that “accountancy is playing an increasingly larger role in navigating organizations through the urgent problems and interconnected risks

Read More [fa icon="long-arrow-right"]

Prioritizing Cloud Security Controls Using FAIR

[fa icon="calendar'] Jul 14, 2021 8:51:17 AM / by Sambit Misra posted in Risk Management

[fa icon="comment"] 0 Comments

Companies have gradually been moving to the cloud for years, but still need a model for prioritizing security initiatives for their cloud migration. Feedback from our clients is that organizations spread across multiple geographies, markets and business functions operate in silos

Read More [fa icon="long-arrow-right"]

How to Quantify Total Cyber Risk for an IT Asset with FAIR

[fa icon="calendar'] Jul 13, 2021 11:02:00 AM / by Tyler Britton posted in Risk Management

[fa icon="comment"] 2 Comments

Total risk for an IT asset such as a data repository or web app is exactly what is sounds like: the aggregate risk to a digital asset posed by relevant cybersecurity risk scenarios. That is, an asset will have a combination of relevant scenarios

Read More [fa icon="long-arrow-right"]

SEC vs. First American Financial Sends a Message – Identify and Disclose Top Cyber Risk or We’ll Fine You

[fa icon="calendar'] Jun 30, 2021 11:52:51 AM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 0 Comments

In a warning of a get-tough policy on cyber risk management, the Securities and Exchange Commission (SEC) has fined First American Financial Corp. (FAFC), finding that the major title insurance and escrow company “did not have any disclosure controls and procedures related to cybersecurity,

Read More [fa icon="long-arrow-right"]

Three Tips to Make Cyber Risk Quantification Work for Your General Counsel as Well

[fa icon="calendar'] May 25, 2021 3:39:19 PM / by Nicola (Nick) Sanna posted in Risk Management

[fa icon="comment"] 0 Comments

Surprisingly, we still sometimes hear that some cyber risk professionals are challenged by their General Counsel and legal department not to quantify their cyber risk, as that might - in their opinion - introduce a liability, driven by the fact of possibly knowing about a problem and not having done enough to address it.  

Read More [fa icon="long-arrow-right"]

Hacking the COVID Cold Chain: A Health Care Sector Example of FAIR

[fa icon="calendar'] Apr 26, 2021 4:06:32 PM / by Colin Connor and Itzik Kotler posted in Risk Management, Member Content

[fa icon="comment"] 1 Comment

In September, 2020, our IBM X-Force IRIS security analysis group began tracking strange phishing attacks targeting suppliers of HVAC equipment and services.

Read More [fa icon="long-arrow-right"]

Create a Forward-Looking Risk Register - Part 2 of Tony Martin-Vegue's 'Modeling the Vulnerability du Jour'

[fa icon="calendar'] Apr 14, 2021 12:53:20 PM / by Tony Martin-Vegue posted in Risk Management, Member Content

[fa icon="comment"] 0 Comments

Strange, unusual, media-worthy vulnerabilities and cyberattacks… they seem to pop up every few months or so and send us risk managers into a fire drill. The inevitable questions follow:

Read More [fa icon="long-arrow-right"]

Lawfare Blog Post on Enterprise Cybersecurity Measurement Makes the Case for Integrating FAIR in a 'Modular' Defense

[fa icon="calendar'] Apr 8, 2021 8:32:28 AM / by FAIR Institute Staff posted in Risk Management

[fa icon="comment"] 0 Comments

With permission, we are re-publishing this post from Lawfare, the influential blog that covers the intersection between law and national security.

Read More [fa icon="long-arrow-right"]

World Economic Forum Report Advises Boards of Directors to “Understand the Economic Drivers and Impact of Cyber Risk”

[fa icon="calendar'] Mar 23, 2021 11:04:57 AM / by Luke Bader posted in Risk Management

[fa icon="comment"] 0 Comments

The World Economic Forum’s new report. Principles for Board Governance of Cyber Risk, is the work of a panel of international experts on cybersecurity, including FAIR Institute President Nicola (Nick) Sanna

Read More [fa icon="long-arrow-right"]

A Second Look at the Water Utility Hack in Florida with ICS Expert Mike Radigan

[fa icon="calendar'] Feb 18, 2021 10:21:23 AM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 0 Comments

The hack at the Oldsmar, Florida, water treatment plant, an attempt to inject harmful levels of lye, drew headlines fretting over the possibility of cyber-terror striking a utility sector with “few protections against hacking,” as the Wall St. Journal said.

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts