FAIR Institute Blog

The FAIR Institute’s technical partner, RiskLens, joined us for a sponsored webinar to introduce Rapid Risk Assessment, a new capability on the RiskLens platform that brings high speed and high volume to FAIR™ analysis. 

In my career as an IT auditor, there were a few questions I struggled to answer when communicating with clients and peers.

It’s a question increasingly asked by boards in these uncertain times: How resilient is our organization? FAIR Institute partner Protiviti is advancing a creative way to answer that question quantitatively using FAIR™.  

In a recent National institute of Standards and Technology webinar on integrating cybersecurity and ERM, Energy Dept. CISO Emery Csulak shared the goals his agency set for its transition to a cyber risk management program based on FAIR™ -- high-level principles that could apply equally to the government or corporate information security. 

With the first flight of an American spacecraft carrying NASA astronauts launched from US soil since 2011, a FAIR Institute Member sent us a note pointing out that the NASA Risk Management Handbook shares a lot of the spirit of FAIR™.  

Board directors and senior executives are obligated to govern their organizations’ cyber risk management efforts. To this end, they are being educated by such organizations as the NACD or the Big 4 on foundational concepts of information security and cyber risk management.

“All models are wrong, but some are useful.” By those words, professor and statistician George Box reminds us that models, including the FAIR™ Model, are approximations of reality.

If you’re looking to make a case for budget or other executive support for a cybersecurity program, FAIR™ model creator Jack Jones shows you the way in this webinar