Watch the Webinar: How Financial Risk Quantification Can Help Federal Agencies Better Integrate Cybersecurity Risk and ERM

In this webinar, FAIR Institute President Nick Sanna gives the Association for Federal Enterprise Risk Management (AFERM) an introduction to FAIR, the international standard for cyber risk quantification, and a look at how federal agencies are applying the FAIR model to bring cyber risk management on financial terms to government.  

Watch the webinar now:


Some of the key points Nick covers:  

  • Nick SannaWhat are the Federal Government mandates requiring the assessment of cybersecurity risk, in terms of probable loss event?
  • The problems with the way that many agencies attempt to meet federal directives on risk management, relying on qualitative risk scoring practices that don’t enable effective decision-making.
  • The first value that the FAIR approach brings: A common definition of cyber risk that’s compatible with ERM. 
  • How the FAIR method leads to fresh insights on pricing risk in the federal sector – have you considered the response costs associated with a cyber event such as a data breach?
  • Some specific use cases, showing how FAIR quantifies results in dollar terms that clarify decisions on mitigating a data breach scenario and prioritizing POA&M’s based on an agency’s risk tolerance for probable financial losses.  

“The word is starting to spread in cybersecurity circles,” Nick says, with FAIR advocates at NASA and the DOE recently briefing OMB on how FAIR and quantification might be applied across the government.  A good starting point for any interested federal government risk manager would be joining the FAIR Institute’s Government Chapter.

Related: How FAIR™ Can Help the US Federal Government Better Prioritize and Right-Size Its Cybersecurity Investments blog post by Nick Sanna

Learn How FAIR Can Help You Make Better Business Decisions

Order today
image 37