We have a deep bench of organizations practicing Factor Analysis of Information Risk (FAIR™) represented by the 11,000+ members of the FAIR Institute. Here’s a small sample of public and private enterprises that have shared details on their FAIR programs with our membership.
“We’ve taken the step to start to build a structured risk assessment program that looks at metrics as they come in, how they map to the FAIR factors like Threat Event Frequency, how they map to the scenarios we’ve built out, whether it’s a privileged insider taking adverse action or a hacker breaking into your systems. It gives us that framework to do some repeatable risk assessments.”
--Tim Titcomb, VP – Technology Risk
Meet a Member Podcast: Tim Titcomb, VP, Technology Risk, at Fidelity Investments
FAIRCON19 Video: Use Case Panorama – FAIR™ Practitioner Success Stories from Fidelity and More
--Omar Khawaja, CISO
Meet a Member: Omar Khawaja, Introducing FAIR to Highmark Health
FAIR Training and Certification – Take Your Career to the Next Level
Netflix deploys FAIR risk analysis for decision support at three levels:
--Tony Martin-Vegue, Sr. Information Security Risk Engineer
Video: How Netflix Rethinks Cyber Risk Analysis with FAIR (FAIRCON2020)
-- Sarina Hothi, Security Program Manager
FAIRCON2020 Video: Implementing FAIR Risk Management at DoorDash at ‘1,000 Miles a Minute’
“If you can boil [risk] down to the specific loss event scenarios that resonate with business leaders, they can understand the disruption of your critical service which is supporting their business goal. They can then start to talk about the event in ways that open your eyes as the risk analyst and really give you detail to things you would not have thought of. FAIR is great for that.”
--Drew Simonis, VP, Global Security
--Cody Scott, Chief Cyber Risk Officer s