FAIR Institute Blog

From a FAIR™ Institute Perspective, COVID-19 Isn’t a Black Swan. It’s a Gray Rhino

[fa icon="calendar'] Mar 25, 2020 6:29:40 PM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 0 Comments

“Coronavirus is the black swan of 2020,” says a recent statement by Sequoia, the prominent venture capital firm, repeating a buzzy term that’s being widely circulated to describe the current pandemic crisis

Read More [fa icon="long-arrow-right"]

Poll: FAIR™ Institute Members Say Work from Home Will Be Top Risk Category in Business Continuity Planning

[fa icon="calendar'] Mar 19, 2020 7:00:00 AM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 0 Comments

We took a short survey of FAIR™ Institute email subscribers to get a quick read on their involvement with business continuity planning for the impact of COVID-19.  The poll keyed off a podcast with Jack Freund

Read More [fa icon="long-arrow-right"]

Podcast: Jack Freund on the Role for FAIR™ Risk Analysts in Business Continuity Planning for Coronavirus

[fa icon="calendar'] Mar 11, 2020 12:31:48 PM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 0 Comments

Organizations are rethinking their business continuity plans to get ahead of the coronavirus COVID-19 pandemic– an opportunity for IT risk analysts to bring to the table the critical thinking skills of Factor Analysis of Information Risk (FAIR™) and quantitative cyber risk analysis.

Read More [fa icon="long-arrow-right"]

Shopping for Cyber Loss Data

[fa icon="calendar'] Feb 18, 2020 3:56:27 PM / by Allison H.K. Seidel posted in Risk Management

[fa icon="comment"] 0 Comments

One of the keys to consistency when using the FAIR™ model is using the same magnitude across cyber loss data analyses. Particularly when using it for a risk assessment where the goal is to be compliant with regulations and compare the applications to each other, it is reasonable and “fair” to use consistent magnitude amounts.

Read More [fa icon="long-arrow-right"]

'Why Is the Healthcare Industry Still So Bad at Cybersecurity?' Let's Start with Risk

[fa icon="calendar'] Feb 12, 2020 1:40:11 PM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 0 Comments

A new article from Ars Technica asks the question “why is the healthcare industry still so bad at cybersecurity?” and answers with an inventory of institutional and regulatory shortsightedness, resistance to change, lack of budget and simple confusion that calls out for the kind of re-set button that other industries are hitting with a risk-based approach to cybersecurity like FAIR™.  

Read More [fa icon="long-arrow-right"]

Webinar on Demand: How Fannie Mae Integrates FAIR™ Cyber Risk Analysis and Threat Intel

[fa icon="calendar'] Feb 11, 2020 2:42:47 PM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 0 Comments

In this webinar, Cyber Intelligence Analyst Samantha Chamberlin, tells how Fannie Mae uses FAIR™ to solve the common problems of both threat intelligence and risk analysis teams, particularly the challenges of gathering information from technical SMEs

Read More [fa icon="long-arrow-right"]

Meet a Member Podcast: Chris Golden, Director of Information Security at Horizon Blue Cross Blue Shield of New Jersey

[fa icon="calendar'] Feb 5, 2020 3:45:44 PM / by Jeff B. Copeland posted in FAIR, Risk Management, Meet a Member

[fa icon="comment"] 0 Comments

Many FAIR program leaders start at a ground level and work their way up to a board presentation.  Chris Golden started at the top, as he tells FAIR Institute Director Luke Bader in this podcast interview, demonstrating FAIR to the board for the green light on a risk quantification initiative.  

Read More [fa icon="long-arrow-right"]

Tips to Prepare for the Open FAIR™ Certification Exam

[fa icon="calendar'] Jan 29, 2020 5:03:53 PM / by Adham Etoom posted in FAIR, Risk Management

[fa icon="comment"] 2 Comments

In March, 2019, I passed the ISACA CRISC exam and got certified in the next month. The CRISC is a great certificate because it shifts your mindset and helps you to establish standardized information risk management practices. 

However, I decided not to stop there, but to further search for holistic and effective standards for cyber risk quantification

Read More [fa icon="long-arrow-right"]

Cyber Risk Management Maturity Benchmark Survey Results Show Where There’s Room to Improve

[fa icon="calendar'] Jan 29, 2020 3:08:01 PM / by Luke Bader posted in Risk Management

[fa icon="comment"] 0 Comments

The FAIR™ Institute’s third annual Cyber Risk Management Maturity Benchmark Survey results are in, and show “a lot of opportunity left in the risk management space for improvement,” says survey report author and FAIR Institute Fellow Jack Freund, PhD.  

Read More [fa icon="long-arrow-right"]

How to Combine NIST CSF and FAIR™ to Drive Better Cyber Risk Decisions – Watch this Webinar on Demand

[fa icon="calendar'] Jan 22, 2020 11:24:50 AM / by Luke Bader posted in FAIR, Risk Management

[fa icon="comment"] 2 Comments

In this webinar sponsored by our technical advisor, RiskLens, hundreds of your peers in cybersecurity and risk came to get answers to some burning questions.

How do I get more value from the NIST CSF Framework?

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts