FAIR Institute Blog

New White Paper by Jack Jones: ‘Managing Cybersecurity Surprises’

[fa icon="calendar'] Sep 20, 2018 9:00:00 AM / by Jeff B. Copeland posted in Risk Management, White Paper

[fa icon="comment"] 0 Comments

“Executives hate surprises” begins a new white paper, Managing Cybersecurity Surprises – the Executive’s Perspective, by FAIR model creator Jack Jones, and goes on to detail the four most likely reasons that organizations get blindsided by cybersecurity failures:

Read More [fa icon="long-arrow-right"]

Learn Your Cyber Risk ‘Jobs to Be Done’ at the FAIR Conference

[fa icon="calendar'] Sep 6, 2018 1:39:51 PM / by Jeff B. Copeland posted in FAIR, Risk Management, FAIR Conference 2018

[fa icon="comment"] 0 Comments

It’s a powerful concept in innovation laid out in the Jobs to Be Done theory: Know what your user hopes to accomplish and provide the solution to that specific need.  In planning the 2018 FAIR Conference (October 16-17, Carnegie Mellon University, Pittsburgh), the FAIR Institute built the conference agenda with an eye on the jobs that conference attendees (and their organizations) need to get done.

Read More [fa icon="long-arrow-right"]

Organizational Signals for Changing Risk Appetite

[fa icon="calendar'] Aug 28, 2018 9:00:00 AM / by Jack Freund posted in Risk Management

[fa icon="comment"] 1 Comment

In 2015, the North Carolina Department of Transportation (NC DOT) completed the I-485 project it began in 1988. This delivered to Charlotte a 67-mile outer belt loop around the city that it had desperately needed. With the completion of the last 5.7 miles of the freeway, the NC DOT also declared that the speed limit would rise from 65 to 70 mph.

Read More [fa icon="long-arrow-right"]

Announcing Loss Exceedance Charts in the FAIR-U Training App

[fa icon="calendar'] Aug 20, 2018 2:30:36 PM / by Bryan Smith posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

Have you ever looked at the results of a FAIR risk analysis and wondered what's the probability that a loss will hit the max? Or looked at the results and tried to answer how much risk you are comfortable with? If so, the new Loss Exceedance Charts introduced in the latest release of FAIR-U are your answer.

Read More [fa icon="long-arrow-right"]

Heat Maps Don’t Support ISO 31000

[fa icon="calendar'] Aug 14, 2018 12:00:00 PM / by Osama Salah posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

I was recently re-reading ISO 31000 because that's what one does for fun (don't you?). Surprisingly I noticed on a few occasions that using heat maps (or qualitative RM) appears to not align with the guidelines.

Read More [fa icon="long-arrow-right"]

When Every Risk Is “Medium”

[fa icon="calendar'] Aug 13, 2018 12:40:07 PM / by Cary Wise posted in FAIR, Risk Management

[fa icon="comment"] 1 Comment

When analysts don’t use a rigorous risk quantification model like FAIR to rate risks, and instead rely on the mental models in their heads they’ve developed from years of habit – odd things happen.

Read More [fa icon="long-arrow-right"]

Top 3 Books for New Risk Analysts

[fa icon="calendar'] Aug 2, 2018 12:00:00 PM / by Chad Weinman posted in FAIR, Risk Management

[fa icon="comment"] 1 Comment

Our professional team here at RiskLens has been steadily growing for the past two years. Our risk consultants come from a variety backgrounds; with and without direct prior experience in risk management. 

Read More [fa icon="long-arrow-right"]

Banks Move to FAIR for FFIEC Cybersecurity Risk Assessments

[fa icon="calendar'] Aug 2, 2018 9:00:00 AM / by Rachel Slabotsky posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

In a previous blog post, I wrote about how the FAIR quantitative risk model can be used to meet various regulatory and compliance requirements (specifically those that indicate the need for a formal risk assessment).

Read More [fa icon="long-arrow-right"]

Case Study: Demystifying ICS Cyber Risk with FAIR

[fa icon="calendar'] Jul 30, 2018 10:59:00 AM / by Michael Radigan posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

With all the news about Russian hackers targeting US utility plant networks, we're bringing back into view this blog post about cyber risk quantification for utility operators, by Industrial Control System (ICS) authority Michael Radigan of Leidos Cyber, Inc.

Read More [fa icon="long-arrow-right"]

Fight Your Fear of Forecasting Loss

[fa icon="calendar'] Jul 25, 2018 2:14:04 PM / by David Musselwhite posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

Take a look at the course offerings of most top-tier business schools and you’ll find listings like “Applied Business Forecasting,” where students “acquire hands-on experience with building and applying forecasting models to actual data on sales, inventories, income, earnings per share, and other variables widely encountered in business

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts