Building an Effective Cyber Risk Management Program that Actually Works

FAIR Institute Breakfast Meeting during RSA® Conference 2020

*This event is currently at capacity. If you would like to be put on a wait list, please fill out the form to the right. We will reach out if seats become available.

Are you looking to build a cyber risk management program that can help you measure and manage cyber risk from the business perspective, in financial terms, all while making regulators happy? Then join us for our upcoming FAIR Institute Breakfast featuring Jack Jones, 3x CISO, and author of the FAIR Standard Risk Model. Hear about his experiences in accompanying many of the world's largest organizations as they developed risk management programs that actually work.

Our annual breakfast will take place on Wednesday, February 26 at the Parc 55 San Francisco Hotel and showcase Jack and other industry experts. They'll demonstrate how building a true and effective cyber risk management program is crucial for your organization as the industry moves towards cyber risk quantification as the way to cost-effectively manage risk, justify security budgets, and meet growing regulatory demands.

Join us for two days of on-site learning before the RSA® Conference 2020 on February 23 & 24, for the Introductory FAIR Analysis Fundamentals Course. Led by FAIR experts from our technical advisor, RiskLens®, this workshop-style course will walk you through a foundational introduction to FAIR's core principles. Register here today!

When: February 26, 2020, 7:30 - 10:30 AM PST
Where: Parc 55 San Francisco, Embarcadero Room (Level Three)
55 Cyril Magnin Street, San Francisco, CA 94102
Map: 5 blocks from the Moscone Center
Save to Outlook

The meeting presentations will include practical takeaways on how to:
  • Outline the various stages of adopting and building a cyber risk management program 
  • Explain the economic benefits of using quantitative models over qualitative methods
  • Share experiences and journeys on how they have built or are building full risk management                    programs


  • 7:30-8:30 AM - Breakfast & Networking
  • 8:30-8:45 AM - Opening Remarks
  • 8:45-9:15 AM - Keynote Presentation by Jack Jones, Chairman, FAIR Institute, author of the                  FAIR Model
  • 9:15-10:00 AM - Showcase: User Case Study Presentations
  • 10:00-10:30 AM - Q&A Session

*This event is open to FAIR Institute Members and prospective members who meet the proper qualifications. If you would like to apply for membership, please fill out the form here: Become a FAIR Institute Member.

*RSVP is required as this event will reach capacity. We look forward to seeing you at the meeting!

Speaker Bio:

Jack Jones
ChairmanJack Jones Small Portrait
FAIR Institute

Jack is the foremost authority in the field of information risk management. As the Chairman of the FAIR Institute and co-founder and Chief Risk Scientist at RiskLens, he continues to lead the way in developing effective and pragmatic ways to manage and quantify information risk.

As a three times Chief Information Security Officer (CISO) with forward-thinking financial institutions such as Nationwide Insurance, Huntington Bank and CBC Innovis, Jack authored the FAIR model, the only standard quantitative model for cybersecurity and operational risk. A sought-after thought leader, he recently published the award-winning book ‘Measuring and Managing Information Risk: A FAIR Approach’ and is a regular speaker at industry conferences.


Mark Tomallo
Ascena Retail Group, Inc.

Mark has more than 20 years in cyber, information security and risk experience. He has been involved in a number of high-profile projects in the public and private sector specific to Computer Forensics, Security Analytics, Fraud, Geospacial Imaging, Photogrammetry, M&A, Penetration Testing, Social Engineering, First Responder/Emergency Response, and Risk Management. Mark is involved in many industry organization leadership roles like Evanta CISO Executive Forum and the Central Ohio ISSA Board of Directors.