FAIR INSTITUTE FORMED TO HELP MANAGE INFORMATION SECURITY
AND OPERATIONAL RISK FROM THE BUSINESS PERSPECTIVE
A new expert forum to help information risk, cybersecurity and business executives collaborate on the development and sharing of industry-leading best practices for quantifying and managing information risk.
BUSINESSWIRE - SPOKANE, Wash. and Reston, VA, Feb. 17, 2016 – The FAIR Institute, an expert, non-profit organization led by information risk officers, CISOs and business executives to develop standard information risk management practices based on the Factor Analysis of Information Risk (FAIR) model announced its official launch today.
The FAIR Institute’s mission: to establish and promote information risk management standards and practices that empower risk professionals to collaborate with their business partners on achieving an appropriate balance between protecting the organization and running the business.
Today, FAIR is the only international standard value-at-risk model for information security and operational risk. The FAIR Institute helps leading organizations:
- learn about risk scenarios affecting their industries;
- collect and create information security and operational risk management best practices; and
- better communicate with executive teams, boards and other stakeholders about information risk.
“As organizations increasingly rely on digital processes to run their businesses, the need to cost-effectively manage the associated risks has become critical. As a result, information risk, cybersecurity and business executives have been looking for ways to improve their knowledge, decision making and reporting practices related to information risk,” said FAIR Institute Chairman Jack Jones.
Jones is the authority in the field of information risk management and is the original author of the FAIR model, developed during his tenure as CISO at Nationwide Insurance. A sought-after thought leader and speaker at industry conferences, Jones recently published Measuring and Managing Information Risk: A FAIR Approach, which has been defined by some as ‘the CISO's bible’ for information security risk.
Initial members of the FAIR Institute include experts from the world’s most respected enterprises and institutions: from government organizations to the world’s largest banks, and top retail to leading technology companies. The FAIR Institute is governed by a board of directors. Workgroups and local chapters are being formed in North America and in Europe.
“Regardless of size, every organization faces a struggle in balancing its risk posture with the speed of digital business, and then articulating that true organizational risk posture to the C-suite, the board and regulators,” said Nicola (Nick) Sanna, CEO of RiskLens, a founding member and technical advisor to the FAIR Institute. “The FAIR Institute is instrumental in advancing the risk profession to the point where information risk can be quantified and cost-effectively managed like any other type of risk.”
About the FAIR Institute
The FAIR Institute is an expert, non-profit organization led by information risk officers, CISOs and business executives, created to develop and share standard information risk management practices based on FAIR. Factor Analysis of Information Risk (FAIR) is the only international standard value-at-risk model for information security and operational risk. FAIR helps organizations quantify and manage risk from the business perspective and enables cost-effective decision-making. To learn more and get involved visit www.fairinstitute.org.