Originally published in April, 2019, this summary matrix has now been updated to include the integration of FAIR into the NIST Cybersecurity Framework. NIST has now listed FAIR as an Informative Reference for risk management and risk assessment in the framework. Learn more in this blog post: NIST Maps FAIR to the CSF: Big Step Forward in Acceptance of Cyber Risk Quantification.
All-in-One Matrix: Regulatory Compliance Risk Assessment Overview - Updated with NIST CSF + FAIR
[fa icon="calendar'] Sep 19, 2019 10:45:00 AM / by Steve Reznik posted in FAIR, Risk Management, White Paper
Download 'Understanding Cyber Risk Quantification: The Buyer’s Guide' by Jack Jones
[fa icon="calendar'] Jun 17, 2019 3:00:00 PM / by Jeff B. Copeland posted in FAIR, White Paper
From Jack Jones, Chairman of the FAIR Institute and creator of the FAIR model for cyber risk quantification (CRQ) — the definitive guide to understanding CRQ: What it is (and isn't), its value proposition and limitations, and facts regarding the misperceptions that are commonplace.
New White Paper by Jack Jones: ‘Managing Cybersecurity Surprises’
[fa icon="calendar'] Sep 20, 2018 9:00:00 AM / by Jeff B. Copeland posted in Risk Management, White Paper
“Executives hate surprises” begins a new white paper, Managing Cybersecurity Surprises – the Executive’s Perspective, by FAIR model creator Jack Jones, and goes on to detail the four most likely reasons that organizations get blindsided by cybersecurity failures:
[White Paper] A Clarification of "Risks"?
[fa icon="calendar'] Jan 12, 2017 8:00:00 AM / by Jack Jones posted in FAIR, Risk Management, White Paper
One of the most significant barriers to effectively measuring and communicating about risk is the imprecise use of fundamental nomenclature.
[White Paper] Effectively Leveraging Data in FAIR Analyses
[fa icon="calendar'] Oct 25, 2016 4:00:00 PM / by Jack Jones posted in FAIR, Risk Management, White Paper
by Jack Jones
With the advent of FAIR, organizations finally have a risk model that enables effective cyber risk measurement (quantification).