FAIR Institute Blog

NASA’s Risk Management Handbook Shares the Spirit of FAIR™ and Quantitative Risk Analysis

[fa icon="calendar'] Jun 4, 2020 7:30:00 AM / by Jeff B. Copeland posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

With the first flight of an American spacecraft carrying NASA astronauts launched from US soil since 2011, a FAIR Institute Member sent us a note pointing out that the NASA Risk Management Handbook shares a lot of the spirit of FAIR™.  

Read More [fa icon="long-arrow-right"]

Five Questions the Board Should Ask the CISO

[fa icon="calendar'] May 21, 2020 7:34:00 AM / by Michael Radigan posted in Risk Management

[fa icon="comment"] 1 Comment

Board directors and senior executives are obligated to govern their organizations’ cyber risk management efforts. To this end, they are being educated by such organizations as the NACD or the Big 4 on foundational concepts of information security and cyber risk management.

Read More [fa icon="long-arrow-right"]

Primary vs. Secondary Loss in FAIR™ Analysis: What's the Difference and Why It Matters

[fa icon="calendar'] May 19, 2020 9:52:20 AM / by Taylor Maze and David Musselwhite posted in Risk Management

[fa icon="comment"] 3 Comments

“All models are wrong, but some are useful.” By those words, professor and statistician George Box reminds us that models, including the FAIR™ Model, are approximations of reality.

Read More [fa icon="long-arrow-right"]

How FAIR™ Can Help the US Federal Government Better Prioritize and Right-Size Its Cybersecurity Investments

[fa icon="calendar'] May 15, 2020 7:45:00 AM / by Nicola (Nick) Sanna posted in FAIR, Risk Management

[fa icon="comment"] 0 Comments

>>DHS/OMB mean well in pushing for a risk-based approach to cybersecurity in the Federal Government, but their requirements fall short of helping agencies effectively prioritize and right-size their cybersecurity investments

Read More [fa icon="long-arrow-right"]

Webinar: Jack Jones on Changing Executive Priorities and Investments in Security with Risk Quantification

[fa icon="calendar'] May 13, 2020 11:03:31 AM / by Luke Bader posted in Risk Management

[fa icon="comment"] 1 Comment

If you’re looking to make a case for budget or other executive support for a cybersecurity program, FAIR™ model creator Jack Jones shows you the way in this webinar

Read More [fa icon="long-arrow-right"]

Sponsored Post: RiskLens Announces New Solutions to Keep Risk Under Control with Lower Security Budgets, Greater Challenges from COVID-19

[fa icon="calendar'] Apr 30, 2020 10:47:25 AM / by RiskLens posted in Risk Management

[fa icon="comment"] 0 Comments

RiskLens--the technical advisor of the FAIR Institute and the company with the only SaaS platform for quantitative cyber risk management based on the FAIR model--is offering new solutions to help security and risk professionals meet the extraordinary challenges of these pandemic times. 

Read More [fa icon="long-arrow-right"]

Webinar: Jack Jones on Lessons for Cyber Risk from Military ‘Situational Awareness’

[fa icon="calendar'] Apr 29, 2020 8:10:00 AM / by Jeff B. Copeland posted in Risk Management

[fa icon="comment"] 0 Comments

Watch this webinar for a fresh look at analyzing and acting on cyber risk, as FAIR Institute Chairman and FAIR model creator Jack Jones, applies “situational awareness” from the world of the military to the cyber world.

Read More [fa icon="long-arrow-right"]

NIST's Advice: Integrate Cyber Risk with Enterprise Risk Using FAIR™

[fa icon="calendar'] Apr 28, 2020 2:49:31 PM / by Jack Freund posted in Risk Management

[fa icon="comment"] 1 Comment

NIST has released a draft document to help organizations align their cyber risk management operations with an enterprise risk management function.

Read More [fa icon="long-arrow-right"]

Why NIST 800-300 and CVSS Are Not Enough for Effective Risk Management - Jack Freund

[fa icon="calendar'] Apr 23, 2020 8:37:00 AM / by Jack Freund posted in Risk Management

[fa icon="comment"] 0 Comments

Many organizations look to NIST to help them construct their cyber security programs. Security frameworks, such as NIST CSF, are very popular for helping to ensure you’ve identified a complete list of necessary controls

Read More [fa icon="long-arrow-right"]

Drawing FAIR™ Conclusions from Cyentia’s Information Risk Insights Study (IRIS)

[fa icon="calendar'] Apr 23, 2020 6:24:00 AM / by Taylor Maze posted in Risk Management

[fa icon="comment"] 0 Comments

The Cyentia Institute recently published the Information Risk Insights Study (IRIS), which utilized data gathered via Advisen on tens of thousands of known cyber events over the past decade to draw conclusions about the frequency and magnitude of such events.

Read More [fa icon="long-arrow-right"]
LEARN MORE

Subscribe to Email Updates

417NjDVYgtL._SX404_BO1204203200_.jpg
Learn How FAIR Can Help You
Make Better Business Decisions

Recent Posts