Win Converts to FAIR™. Quote Jack Freund’s Manifesto in the ISACA Newsletter

[Image: Jack Freund speaks at FAIR Breakfast, RSA 2019]

If you need a concise manifesto to convince others in your organization of the need for FAIR™ cyber risk quantification – particularly in budget-setting season – Jack Freund, PhD, co-author of the FAIR book Measuring and Managing Information Risk, has written it, just out in the ISACA Newsletter.

In "Analyzing Cybersecurity Spending in Depth," Jack argues that the recommended controls in NIST Special Publication (SP) 800-53 and other industry standards are so numerous that “many will begin implementing these controls and never arrive at the end of their implementation cycle” given the demands of ongoing cyber hygiene and shifting organizational initiatives.

“In any environment where resource allocation faces scarcity, economic principles must be applied,” Jack writes, as opposed to a “gotta catch ’em all” mind-set.

FAIR, with its value-at-risk approach, “gives you a way to focus on the riskiest scenarios. A fully formed risk scenario will contain a statement of loss that helps top leadership in your organization focus on what is imperiled along with why it should be funded.  

“Further, relevant control solutions (such as those from NIST SP 800-53) can be paired with loss scenarios to enable decision-makers in the organization to make a fully informed choice.” 

Read – and distribute in your organization – the rest of Jack’s manifesto in the ISACA Newsletter.  

More from Jack Freund: 

Jack Freund in ISACA Blog: Stop Telling Yourself Risk Management Stories

FAIR Book Co-Author Jack Freund's Advice on 3rd Party Risk

Creating a Cyber Risk Intelligence Framework with FAIR

The FAIR Institute is growing - 3 more chapters launch in 2020. Find a chapter near you – and become a member!
