FAIR SEMINARS

Upcoming Events

4 Steps To SEC Compliance - Sponsored Webinar with Ostrich Cyber-Risk

Webinar | Wednesday,  October 4,  2023 | 11 AM ETOstrich Cyber Risk Logo

As the December 2023 SEC deadline approaches, it is crucial for organizations to prepare for changes effectively. Join this webinar with Jack Whitsitt, Director of Cyber Risk Quantification (CRQ) at Ostrich Cyber-Risk, where he will cover:
  • Materiality & Risk: Understand the importance of materiality, risk appetite, tolerance, thresholds, and how to assess and quantify them.
  • CRQ Integration: Learn how CRQ seamlessly measures these concepts, facilitating clear communication with the SEC and your Board.
  • Implementation Steps: Discover actionable steps you can take today.

 

2023 FAIR Conference and Training (FAIRCON23)

Embrace Digital: Managing the Risk of Digital Transformation, Cloud, and AI

Fairmont Washington D.C. Hotel | 2401 M Street NW, Washington, D.C. 20037 | October 17-18, 2023

Hosted by the FAIR Institute and our sponsoring partners, the 2023 FAIR Conference brings leaders in information and operational risk management together to explore best FAIR practices that produce greater value and alignment with business goals.

Large enterprises and government organizations are creating breakthroughs in the management of information and operational risk that enable business-aligned communication, cost-effective decision-making and ultimately managing what matters.

 

FAIR Fundamentals Hybrid Course - Q4 2023

Hybrid Virtual Training | Nov. 27 - Dec. 1, 2023

In this course, you will discover the challenges with conventional, qualitative risk management methods. We will introduce you to the FAIR FAIRWEBSITEArtboard Fundamentals white backgroundStandard and methodology, associated processes, and terminology. You will also learn key measurement concepts, calibrated estimation methods necessary to conduct quantitative risk analysis in your agency or department, and best practices to communicate analyses to stakeholders. The learning experience is further solidified by hands-on work on applicable use cases.

The Hybrid-class course is designed and taught by experienced FAIR experts. Designed to be the best of both methods, giving you the flexibility of self-paced lessons and office hours.

By the end of the course, participants will be able to:

  • Know the FAIR Standard (variables, definitions, relationships, forms of loss, etc.)
  • Explain the FAIR risk analysis process
  • Properly scope scenarios for analysis
  • Use calibrated estimation in quantitative risk analysis
  • Map controls to the FAIR Standard to analyze risk mitigation
  • Interpret the results of a FAIR analysis and create reports for stakeholders
  • Apply their knowledge to case studies based on real-life scenarios

 

Past Events

FAIR Fundamentals Hybrid Course - Q3 2023

Hybrid Virtual Training | Sept. 11 - Sept. 15, 2023

In this course, you will discover the challenges with conventional, qualitative risk management methods. We will introduce you to the FAIR FAIRWEBSITEArtboard Fundamentals white backgroundStandard and methodology, associated processes, and terminology. You will also learn key measurement concepts, calibrated estimation methods necessary to conduct quantitative risk analysis in your agency or department, and best practices to communicate analyses to stakeholders. The learning experience is further solidified by hands-on work on applicable use cases.

The Hybrid-class course is designed and taught by experienced FAIR experts. Designed to be the best of both methods, giving you the flexibility of self-paced lessons and office hours.

By the end of the course, participants will be able to:

  • Know the FAIR Standard (variables, definitions, relationships, forms of loss, etc.)
  • Explain the FAIR risk analysis process
  • Properly scope scenarios for analysis
  • Use calibrated estimation in quantitative risk analysis
  • Map controls to the FAIR Standard to analyze risk mitigation
  • Interpret the results of a FAIR analysis and create reports for stakeholders
  • Apply their knowledge to case studies based on real-life scenarios

How to Achieve SEC Compliance with Real-time and Automated FAIR Solution - Safe Security Sponsored Webinar

Webinar | Thursday, August 31 | 1 PM ETSafe Security Logo-1

New SEC Cyber Risk Disclosure Rules mandate transformation in how publicly traded companies identify, measure, and report on the cyber risks that hit the level of material impact. Businesses need to develop frameworks and processes to make this fundamental shift swiftly. But how?

Join this sponsored webinar with Molly Slocum, Director of Product Management from our Technical Advisor, Safe Security, moderated by Jack Jones, author of the FAIRTM methodology and Chairman of FAIR Institute. Molly will present on how you can provide your organization with automated, real-time, and quantitative risk management program based on FAIRTM

Get actionable insights on how to:

  • Automate FAIRTM to measure the probable material impact of cyber risk
  • Report on material cyber risks in financial terms that satisfy regulators and your Board
  • Demonstrate a transparent cybersecurity strategy protecting investor interests using the most advanced, AI-driven solution.

Plus, hear real customer use cases of how AI-driven Cyber Risk Quantification has equipped businesses to identify, measure, and communicate cyber risk in real-time. 

 

What the New SEC Regulation on Cyber Reporting Means for the Risk Management Profession - Webinar

Webinar | Tuesday, August 8 | 11 AM ET

As many of us know, the SEC Commissioners voted to adopt the proposed rule on cyber security. This rule aims to elevate the cyber risk reporting and management practices for public companies (registrants) in the US, to help investors in such companies consider the probable impact of cyber risk as they make investment decisions. 

Join FAIR Institute leadership as they explain and disucss what this all means for the risk management profession. Going forward, companies will be expected to have the ability to break down and quantify how losses materialize for their top cyber risks and incidents. 

This will be a forcing function for companies to adopt trusted cyber risk quantification (CRQ) models such as FAIR™ and adopt tools that provide them with visibility into their top risks.

Register and attend this webinar on Tuesday, August 8 at 11 AM ET to learn and engage as we learn how to navigate these new rules together and how CRQ is the top way you can help your organizations be compliant.

 

GRC and CRQ: A (Good) Story of Codependency - Sponsored Webinar with Ostrich Cyber-Risk

Webinar | Wednesday,  July 12,  2023 | 11 AM ETOstrich Cyber Risk Logo

In order to understand how best to plan for and execute Cyber Risk Quantification (CRQ) as a practice and a program, it’s best to start by understanding how it fits into more traditional Governance Risk Compliance (GRC). In this webinar, you will learn how GRC programs and CRQ tools together will help you:
  • More accurately estimate and track exposure of financial losses
  • Prioritize between compliance and regulation requirements
  • Prioritize cyber investments, allocate budget and adjust strategy  
  • Highlight the decrease in potential financial losses to determine which regulatory or compliance requirement is worth investing in
  • Inform stakeholders how you are meeting new cyber regulations

 

FAIR Institute Breakfast Meeting at National Harbor

AC Hotel National Harbor | 156 Waterfront St, National Harbor, MD 20745 | Tuesday, June 6, 2023

Join us on Tuesday, June 6 at 8 AM with a distinguished group of cyber risk executives and fellow FAIR members, who are in town for the Gartner Security and Risk Summit, as they discuss and share tips and best practices on how to successfully build an effective quantitative risk management program with FAIR™.

 

FAIR Institute Europe Summit in London, UK

IET Savoy Place, 2 Savoy Place, London, WC2R 0BL, UK | Thursday, June 1, 2023

There is a culture change happening in the world of risk management. More and more, companies and agencies are turning to quantification to better measure and manage their risks. We are very pleased to invite you to join us on Thursday, June 1, at the first ever FAIR Institute Europe Summit 2023.

Attending this one day summit with your peers in the community will enable you to learn from experts who are actively deploying FAIR™ model at their organizations.

 

FAIR Fundamentals Hybrid Course - Q2 2023

Hybrid Virtual Training | May 22 - May 26, 2023

In this course, you will discover the challenges with conventional, qualitative risk management methods. We will introduce you to the FAIR FAIRWEBSITEArtboard Fundamentals white backgroundStandard and methodology, associated processes, and terminology. You will also learn key measurement concepts, calibrated estimation methods necessary to conduct quantitative risk analysis in your agency or department, and best practices to communicate analyses to stakeholders. The learning experience is further solidified by hands-on work on applicable use cases.

The Hybrid-class course is designed and taught by experienced FAIR experts. Designed to be the best of both methods, giving you the flexibility of self-paced lessons and office hours.

By the end of the course, participants will be able to:

  • Know the FAIR Standard (variables, definitions, relationships, forms of loss, etc.)
  • Explain the FAIR risk analysis process
  • Properly scope scenarios for analysis
  • Use calibrated estimation in quantitative risk analysis
  • Map controls to the FAIR Standard to analyze risk mitigation
  • Interpret the results of a FAIR analysis and create reports for stakeholders
  • Apply their knowledge to case studies based on real-life scenarios

Measurement Planning Webinar - Sponsored Webinar with Ostrich Cyber-Risk

Webinar | Wednesday, May 24,  2023 | 11 AM ETOstrich Cyber Risk Logo

Often, when getting started with CRQ, organizations tend to focus on how to quantify individual scenarios. While this is an important step, it soon becomes clear that measuring risk for decision support purposes requires a suite of scenarios working in combination to suit a variety of purposes. 

This “scenario suite” should be treated as one entity composed of individual scenarios that are collectively comparable, fit for purpose, re-useable, and sustainable.  

At this webinar, we will introduce the concept of developing a “Measurement Plan”  to support this concept and we will touch on several techniques that can be used to assure your Cyber Risk Quantification work meets both current and future needs.

 

RSA Conference 2023

Moscone Center, San Francisco & Digital | April  24-27, 2023RSA ConferenceTM 2023 logo stacked with dates & venue

RSAC 2023 is April 24 – 27 in San Francisco. Attend expert-led sessions, innovation programs, and much more. Register by Mar. 24 to save up to $900*. FAIR members save an additional $150 with code 1U3FAIRFD.

 

FAIR Fundamentals Hybrid Course - April 2023

Hybrid Virtual Training | April 17 - April 21, 2023

In this course, you will discover the challenges with conventional, qualitative risk management methods. We will introduce you to the FAIR FAIRWEBSITEArtboard Fundamentals white backgroundStandard and methodology, associated processes, and terminology. You will also learn key measurement concepts, calibrated estimation methods necessary to conduct quantitative risk analysis in your agency or department, and best practices to communicate analyses to stakeholders. The learning experience is further solidified by hands-on work on applicable use cases.

The Hybrid-class course is designed and taught by experienced FAIR experts. Designed to be the best of both methods, giving you the flexibility of self-paced lessons and office hours.

By the end of the course, participants will be able to:

  • Know the FAIR Standard (variables, definitions, relationships, forms of loss, etc.)
  • Explain the FAIR risk analysis process
  • Properly scope scenarios for analysis
  • Use calibrated estimation in quantitative risk analysis
  • Map controls to the FAIR Standard to analyze risk mitigation
  • Interpret the results of a FAIR analysis and create reports for stakeholders
  • Apply their knowledge to case studies based on real-life scenarios

Understanding Cyber Risk Quantification Webinar with Jack Jones

Virtual | March 30, 2023 at 11 AM ET

In Understanding Cyber Risk Quantification (CRQ): A Buyer’s Guide, Jack Jones, creator of the FAIR™ standard for cyber risk quantitative analysis, answers some fundamental questions about the purpose of a risk management program. 

Attend this webinar to hear from Jack as he covers:

  • The definition of CRQ and its value
  • Common concerns about CRQ adoption
  • Risk-measurement techniques you shouldn’t confuse with CRQ
  • Questions to ask a CRQ vendor
  • Red flags to warn you off a vendor

FAIR Institute Summit - Middle East and Africa

Kempinski Hotel Ishtar Dead Sea, Swaimeh, Amman, Jordan | March 20, 2023

There is a culture change happening in the world of risk management. More and more, companies and agencies are turning to quantification to better measure and manage their risks. We are very pleased to invite you to join us on Monday, March 20 at the first ever FAIR Institute Summit - Middle East and Africa.

The summit endorsed by National Cyber NCSC logo_V2Security Center of Jordan.

Keynote addresses will be delivered by Jack Jones, 3x CISO, award winning author of the FAIR™ Model, Chairman of the FAIR Institute, and Chief Risk Scientist at RiskLens and Nick Sanna, President of the FAIR Institute and CEO of RiskLens. Additional industry thought leaders and key speakers will be announced soon.

 

FAIR Fundamentals Hybrid Course - Q1 2023

Hybrid Virtual Training | February 27 - March 3, 2023

In this course, you will discover the challenges with conventional, qualitative risk management methods. We will introduce you to the FAIR FAIRWEBSITEArtboard Fundamentals white backgroundStandard and methodology, associated processes, and terminology. You will also learn key measurement concepts, calibrated estimation methods necessary to conduct quantitative risk analysis in your agency or department, and best practices to communicate analyses to stakeholders. The learning experience is further solidified by hands-on work on applicable use cases.

The Hybrid-class course is designed and taught by experienced FAIR experts. Designed to be the best of both methods, giving you the flexibility of self-paced lessons and office hours.

By the end of the course, participants will be able to:

  • Know the FAIR Standard (variables, definitions, relationships, forms of loss, etc.)
  • Explain the FAIR risk analysis process
  • Properly scope scenarios for analysis
  • Use calibrated estimation in quantitative risk analysis
  • Map controls to the FAIR Standard to analyze risk mitigation
  • Interpret the results of a FAIR analysis and create reports for stakeholders
  • Apply their knowledge to case studies based on real-life scenarios

Op Risk North America

New York | November 3, 2022

Join FAIR author and Institute Chairman Jack Jones, and Josh Magri, Founder of CRI for their panel session, "Ahead of the Game: Building a Smarter Cyber Risk Strategy" on Nov. 3rd at 5 PM ET.

It is inevitable that cyber risk concerns will continue to grow. Cybersecurity is now listed as one of the top priorities for CEOs globally. Strategies to cyber risk management are now evolving and ownership is no longer seen as the sole responsibility of one specific department. How are leading FIs evolving their approach to cyber risk, transcending departments and better incorporating the perspectives and concerns across supply chain and technical departments?

 

FAIR Fundamentals Hybrid Course - Q4 2022

Hybrid Virtual Training | December 5 - December 9, 2022

In this course, you will discover the challenges with conventional, qualitative risk management methods. We will introduce you to the FAIR Standard and methodology, associated processes, and terminology. You will also learn key measurement concepts, calibrated estimation methods necessary to conduct quantitative risk analysis in your agency or department, and best practices to communicate analyses to stakeholders. The learning experience is further solidified by hands-on work on applicable use cases.

The Hybrid-class course is designed and taught by experienced FAIR experts. Designed to be the best of both methods, giving you the flexibility of self-paced lessons and office hours.

By the end of the course, participants will be able to:

  • Know the FAIR Standard (variables, definitions, relationships, forms of loss, etc.)
  • Explain the FAIR risk analysis process
  • Properly scope scenarios for analysis
  • Use calibrated estimation in quantitative risk analysis
  • Map controls to the FAIR Standard to analyze risk mitigation
  • Interpret the results of a FAIR analysis and create reports for stakeholders
  • Apply their knowledge to case studies based on real-life scenarios

SC Media: Zero Trust - Zeroing In On Your Strategic Vision

Virtual | October 11-12, 2022

On Wednesday, October 12, attend an esteemed thought leadership panel, "Zero trust from a risk professional’s POV".

To what extent does a successful zero-trust initiative quantifiably reduce risk calculations? Enough to satisfy the strict compliance requirements of your internal GRC professionals? Enough to qualify your company for cyber insurance coverage, and perhaps even reduce your premiums? In this session you’ll hear from a panel of risk experts and discover just how much impact zero trust can actually have on the cyber risk assessment process.

SC Media Zero Trust eSummit

 

FAIR Fundamentals Hybrid Course - Q3 2022

 Hybrid Virtual Training | October 3 - October 7, 2022

In this course, you will discover the challenges with conventional, qualitative risk management methods. We will introduce you to the FAIR Standard and methodology, associated processes, and terminology. You will also learn key measurement concepts, calibrated estimation methods necessary to conduct quantitative risk analysis in your agency or department, and best practices to communicate analyses to stakeholders. The learning experience is further solidified by hands-on work on applicable use cases.

The Hybrid-class course is designed and taught by experienced FAIR experts. Designed to be the best of both methods, giving you the flexibility of self-paced lessons and office hours.

By the end of the course, participants will be able to:

  • Know the FAIR Standard (variables, definitions, relationships, forms of loss, etc.)
  • Explain the FAIR risk analysis process
  • Properly scope scenarios for analysis
  • Use calibrated estimation in quantitative risk analysis
  • Map controls to the FAIR Standard to analyze risk mitigation
  • Interpret the results of a FAIR analysis and create reports for stakeholders
  • Apply their knowledge to case studies based on real-life scenarios

 

2022 FAIR Conference and Training (FAIRCON22)

Mandarin Oriental Hotel | Washington, D.C. | September 27-28, 2022

The 2022 FAIR Conference (FAIRCON22), the premiere, global, quantitative risk management conference, will be held on September 27 & 28 (Tues. and Wed.) at the Mandarin Oriental Hotel in Washington, D.C. one of the city’s top hotels that is adjacent to both the Mall and the vibrant new Wharf district.

The theme of this year’s FAIRCON is “Scale”. As an increasing number of organizations have adopted or are looking to adopt FAIR to take their cyber and operational risk management programs to the next level, the community is getting back together to share their experiences and best practices around scaling FAIR.

 

FAIR Fundamentals Hybrid Course - Q2 2022

Hybrid Virtual Training | June 27-July 1 2022

In this course, you will discover the challenges with conventional, qualitative risk management methods. We will introduce you to the FAIR Standard and methodology, associated processes, and terminology. You will also learn key measurement concepts, calibrated estimation methods necessary to conduct quantitative risk analysis in your agency or department, and best practices to communicate analyses to stakeholders. The learning experience is further solidified by hands-on work on applicable use cases.

The Hybrid-class course is designed and taught by experienced FAIR experts. Designed to be the best of both methods, giving you the flexibility of self-paced lessons and office hours.

By the end of the course, participants will be able to:

  • Know the FAIR Standard (variables, definitions, relationships, forms of loss, etc.)
  • Explain the FAIR risk analysis process
  • Properly scope scenarios for analysis
  • Use calibrated estimation in quantitative risk analysis
  • Map controls to the FAIR Standard to analyze risk mitigation
  • Interpret the results of a FAIR analysis and create reports for stakeholders
  • Apply their knowledge to case studies based on real-life scenarios

 

RSA Conference 2022

Moscone Center, San Francisco & Digital | June 6-9, 2022RSA Conference 2022 logo - Digital - June - horizontal - transparent

Join your peers at RSAC 2022 in San Francisco, June 6-9, or digitally. Attend expert-led sessions, inspiring
Keynotes, innovation programs, and much more.FAIR members save an additional $150 when using code
12UFAIRFD.
Register Now.

Join us June 8th from 8:30am to 12:30pm PT for a thought-provoking three-part seminar on quantitative cybersecurity risk measurement — what it is, how to leverage it, and what its future looks like. This seminar will include the latest information on the groundbreaking FAIR Controls Analytics Model (FAIR-CAM), which enables empirical measurement of cybersecurity control efficacy and value.

 

FAIR Fundamentals Hybrid Course - Q1 2022

Hybrid Virtual Training | February 28- March 4, 2022

In this course, you will discover the challenges with conventional, qualitative risk management methods. We will introduce you to the FAIR Standard and methodology, associated processes, and terminology. You will also learn key measurement concepts, calibrated estimation methods necessary to conduct quantitative risk analysis in your agency or department, and best practices to communicate analyses to stakeholders. The learning experience is further solidified by hands-on work on applicable use cases.

The Hybrid-class course is designed and taught by experienced FAIR experts. Designed to be the best of both methods, giving you the flexibility of self-paced lessons and office hours.

By the end of the course, participants will be able to:

  • Know the FAIR Standard (variables, definitions, relationships, forms of loss, etc.)
  • Explain the FAIR risk analysis process
  • Properly scope scenarios for analysis
  • Use calibrated estimation in quantitative risk analysis
  • Map controls to the FAIR Standard to analyze risk mitigation
  • Interpret the results of a FAIR analysis and create reports for stakeholders
  • Apply their knowledge to case studies based on real-life scenarios

 

FAIRCON Event Series Q1

Pragmatic Use Cases for Cyber Risk Quantification - FAIRCON Event Series

Half-Day Use Case Session | Thursday, February 24, 2022 from 11:00 AM - 2:30 PM ET

Join us on February 24th as the FAIR Institute launches the first of its 2022 FAIR Conference series where we will while showcasing member-led, expert use case study presentations and innovations in cyber risk quantification.

These FAIR Conference Series will bring you the same level of inspiring, thought-provoking and educational sessions that you may have already experienced at the annual FAIR Conference, albeit in a shorter, more agile format. And do not worry, they come as a supplement to the annual conference that is still taking place in Fall 2022.

Registration is free for FAIR Institute members. If you are not a member and wish to join, please apply here: https://www.fairinstitute.org/get-involved-apply-today. 

 

FAIR Fundamentals Hybrid Course - Q4 2021

Hybrid Virtual Training | November 29- December 3, 2021

In this course, you will discover the challenges with conventional, qualitative risk management methods. We will introduce you to the FAIR Standard and methodology, associated processes, and terminology. You will also learn key measurement concepts, calibrated estimation methods necessary to conduct quantitative risk analysis in your agency or department, and best practices to communicate analyses to stakeholders. The learning experience is further solidified by hands-on work on applicable use cases.

The Hybrid-class course is designed and taught by experienced FAIR experts. Designed to be the best of both methods, giving you the flexibility of self-paced lessons and office hours.

By the end of the course, participants will be able to:

  • Know the FAIR Standard (variables, definitions, relationships, forms of loss, etc.)
  • Explain the FAIR risk analysis process
  • Properly scope scenarios for analysis
  • Use calibrated estimation in quantitative risk analysis
  • Map controls to the FAIR Standard to analyze risk mitigation
  • Interpret the results of a FAIR analysis and create reports for stakeholders
  • Apply their knowledge to case studies based on real-life scenarios

 

Virtual FAIRCON21

2021 FAIR Conference and Training (FAIRCON21)

Hosted by the FAIR Institute, the 2021 FAIR Conference (FAIRCON21) brings together thought leaders in cyber and operational risk management to explore best FAIR practices that produce greater value and alignment with business goals. The premiere global risk management conference, held both in person and virtually, will provide ground-breaking keynote addresses, engaging C-suite panels, and expert case study sessions.

Virtual FAIRCON21 will allow you to learn the latest developments in quantitative risk management and learn from the world's leading experts and practitioners. You can also connect with our partners and sponsors who can help support and build your risk management programs.

Training sessions are also offered for organizations who want to advance the education and proficiency of their cyber and operational risk professionals. FAIR Training provide attendees for certification and include CPE credits. To partake in this optional conference add-on, there will be an selection on the ticketing page. A full list of training courses can be seen on our website here.

Register for your seat today and if you have any questions, please reach out and let us know by emailing events@fairinstitute.org.

Protecting Your Supply Chain from Multi-Party Breaches - RiskRecon Sponsored Webinar

Virtual Event | Wednesday, September 29, 2021 | 3 PM ET

In a new research study from RiskRecon and Cyentia Institute, we sought to understand the risks associated with third-party vendors and partners as well as the dangers posed to the rest of the supply chain.

Join data scientists from Cyentia and the head of strategy from RiskRecon for a live webinar to hear about our exclusive research on multi-party breaches and the effect it can have on your firm and its supply chain, including:

- How multi-party incidents have hurt organizations financially since 2008
- The differences in impact between multi-party and single party security incidents
- The number of days for a typical ripple event to reach 75% of its downstream victims

Cybersecurity for the Cloud & State of Cybersecurity

Virtual Summit | September 22, 2021

Join information systems, technologists, business professionals and experts from across the globe for a dynamic discussion on today’s cybersecurity challenges, opportunities, and trends—and on what lies ahead.

Attend ISACA®’s FREE Virtual Summit—a half-day event featuring live presentations and opportunities to connect with peers around the world. Be inspired, informed, and spurred to secure your enterprise, and fortify your professional future as an in-demand professional who knows cybersecurity.

  • Gain expert insight and recommendations to improve your organization’s cybersecurity workforce development, intelligence-driven methods, and approaches, and understanding of cybersecurity’s current state of play.
  • Increase your aware from expert’s insight and guidance on the challenges and possibilities for maximizing the value of cloud services while minimizing security concerns and your enterprise’s exposure to external and internal threats.
  • Engage with a panel of top professionals in a round-table discussion centered on cyber risk quantification.
  • Earn up to 3.5 Free CPE credit hours.

FAIR Fundamentals Hybrid Course - Q3 2021

Hybrid Virtual Training | September 13-17, 2021

In this course, you will discover the challenges with conventional, qualitative risk management methods. We will introduce you to the FAIR Standard and methodology, associated processes, and terminology. You will also learn key measurement concepts, calibrated estimation methods necessary to conduct quantitative risk analysis in your agency or department, and best practices to communicate analyses to stakeholders. The learning experience is further solidified by hands-on work on applicable use cases.

The Hybrid-class course is designed and taught by experienced FAIR experts. Designed to be the best of both methods, giving you the flexibility of self-paced lessons and office hours.

By the end of the course, participants will be able to:

  • Know the FAIR Standard (variables, definitions, relationships, forms of loss, etc.)
  • Explain the FAIR risk analysis process
  • Properly scope scenarios for analysis
  • Use calibrated estimation in quantitative risk analysis
  • Map controls to the FAIR Standard to analyze risk mitigation
  • Interpret the results of a FAIR analysis and create reports for stakeholders
  • Apply their knowledge to case studies based on real-life scenarios

FAIR Fundamentals Hybrid Course - Q2 2021

Hybrid Virtual Training | June 21-25, 2021

In this course, you will discover the challenges with conventional, qualitative risk management methods. We will introduce you to the FAIR Standard and methodology, associated processes, and terminology. You will also learn key measurement concepts, calibrated estimation methods necessary to conduct quantitative risk analysis in your agency or department, and best practices to communicate analyses to stakeholders. The learning experience is further solidified by hands-on work on applicable use cases.

The Hybrid-class course is designed and taught by experienced FAIR experts. Designed to be the best of both methods, giving you the flexibility of self-paced lessons and office hours.

By the end of the course, participants will be able to:

  • Know the FAIR Standard (variables, definitions, relationships, forms of loss, etc.)
  • Explain the FAIR risk analysis process
  • Properly scope scenarios for analysis
  • Use calibrated estimation in quantitative risk analysis
  • Map controls to the FAIR Standard to analyze risk mitigation
  • Interpret the results of a FAIR analysis and create reports for stakeholders
  • Apply their knowledge to case studies based on real-life scenarios

Webinar: Women in Cyber Risk: Redefining the Future of Cyber Risk

Wednesday, June 22 2021 from 2:00 PM to 3:00 PM EDT

The FAIR Institute is honored to host our new webinar titled "Women in Cyber Risk: Redefining the Future of Cyber Risk."

We take responsibility in highlighting the diversity of our community and promoting the work of our women leaders.

During this webinar, you would hear from women in different roles and industries talk about their careers, the importance of giving women more opportunities in such a male-dominated industry, and advice to young women starting out their careers in risk and security.

The webinar is Wednesday, June 22 from 2-3 PM EST. We hope you are able to join us for fruitful conversation and time to answer some of your questions on the work that these members do and their advice for dealing with the ever-changing risk management industry.

 

Charter of Trust - Virtual Collaboration Week 2021

June 14-24, 2021 - Virtual Event

Founded in 2018 at the Munich Security Conference, the Charter of Trust (CoT) was initiated because of increasing daily life exposure to malicious cyber-attacks. Today, its members have transformed it into a unique initiative of leading global companies and organizations working together to make the digital world of tomorrow safer. You can find out more about the Charter of Trust and its 10 Principles on their website.

The annual highlight of the Charter of Trust is approaching: From June 14-24, the Charter of Trust is going to hold its Virtual Collaboration Week CW#2 2021. This is where CoT Partners from all around the world come together for an intense period of thinking and to produce many fresh ideas on how to move the global cybersecurity agenda forward.

The Collaboration Week provides a wonderful forum for thought exchange between CoT Partners and external experts, and we will be hosting a keynote speech on cybersecurity risk quantification featuring Institute President, Nick Sanna. More information to come soon.

 

PRMIA Cyber Risk Forum 2021 - Keynote & Panel

Tuesday, June 7 2021 from 10:10 to 11:45 AM EDT

THE ONGOING PANDEMIC has leapfrogged digitalization efforts and exposed cyber vulnerabilities. The Risk and IT communities need to frame a common set of definitions. Practitioners need to be aware of the latest thinking around best practices and governance, as a cyber-attack has proven it can cause significant damage and disruption to an organization. There are an escalating number of cyber-attacks raising concerns worldwide. Thank you for joining us to learn more in this ever-changing cyber risk landscape and engage with risk professionals in this important conversation.

  • Keynote: Practical Implications of Managing Cyber Risk in Financial Terms
    • 10:15 to 11:00 AM EDT
    • Keynote Speaker: Nicola Sanna, President, FAIR Institute; CEO, RiskLens
  • Panel: Practical Implications of Cyber Risk in Financial Services
    • 11:00 to 11:45 AM EDT
    • Moderator: Nicola Sanna, President, FAIR Institute; CEO, RiskLens
    • Panelists: James Lam, Board Member
    • Harold Macenaro, Digital Risk Officer, Banco de Credito de Peru
    • Oge Udensi, Principal Cyber Security, UK Finance

 

RSA Conference 2021

Virtual Experience| May 17-20, 2021 RSAC2021

Connect to cybersecurity’s best minds and biggest ideas. For less.

Expert-led sessions. Thought-provoking keynotes. Cutting-edge innovation. Interactive networking opportunities. Join the conversation at RSA Conference 2021, a virtual experience happening May 17-20. Meet industry leaders and peers, learn about the latest trends that are most relevant to your needs, grow your career and help shape the future of the industry. Plus, save $100 on an All Access Pass as an FAIR Institute member. Learn more.

 

RSAC21 Association Seminar - How to Manage and Communicate Cyber Risk in Business Terms

Virtual Seminar at RSA Conference 2021 | Monday, May 17, 2021 from 10:30 AM to 2:00 PM PDT

We are excited to announce our 3-part seminar on the business benefits of cyber risk quantification. All are welcome to attend the seminar on Monday, May 17 from 10:30 AM to 2:00 PM PST to be guided through an expert-led series that provides reasons why the industry has evolved toward quantitative methods, as well as the challenges and practical solutions for leveraging these methods. Attendees will be front row for an application session on running a quantitative analysis with FAIR. There will also be a Q&A session with Fortune 1000 CISOs who have built successful quantitative risk management program at their companies. We, at the FAIR Institute, hope that you will begin your journey with us and stay connected by joining our growing membership base at www.fairinstitute.org. If you have any questions, please reach out to Luke Bader, Director of Membership and Programs albader@fairinstitute.org.

This content is brought to you by FAIR Institute. Open to all pass types. Attendees selecting this seminar will have their contact details shared with FAIR Institute.

 

FAIR Analysis Fundamentals Training (Online-Virtual Hybrid Course)

Virtual Training through RSA Conference 2021 | Monday, May 10 – Friday, May 14

Quantitative risk analysis results in higher quality decisions. RiskLens' FAIR Analysis Fundamentals course - now available both online and in-person - focuses on the concepts and methods of FAIR, the internationally-recognized standard model for quantifying risk. Our RiskLens Academy FAIR training courses (accredited by the Open Group) are led by experienced practitioners and will improve participants’ abilities to identify, measure, and communicate risk. All participants will receive a certificate of completion, including 16 CPE hours for professional certifications. After training and self-study, participants will be prepared for the Open Group’s Open FAIR Certification exam and will receive a voucher covering the cost of the exam.

You must be registered for RSA Conference 2021 to purchase and enroll in this training.

 

ISACA Sacramento Chapter: FAIR Risk Management Framework

Virtual Event | October 14 from 6:00-7:00 PM PT

Speaker: Jack Freund, Ph.D, M.A., CISSP, CISA, CISM, CRISC, CGEIT, CDPSE, CIPP - FAIR Institute Fellow

Introduction to cyber risk quantification using FAIR. In this session, join the co-author of the award-winning book on the international FAIR standard as he discusses cyber risk quantification. Learn about deficiencies in qualitative risk methods, how FAIR overcomes those problems, and how it complements existing risk management frameworks such as NIST CSF, ISO, and more. Learn how to develop quantitative risk metrics, the role of risk appetite, and how to present quantitative risk results to the Board.

Why Attend:
Attending this session will enable you to upgrade you risk analysis capabilities in a flexible way that is agnostic and complementary of the risk or control frameworks you may be using
This session will also help you better sharpen your soft skills around risk communication to non-technical audiences

 

2020 FAIR Conference and Training (FAIRCON2020)

A Virtual Event | October 6 & 7, 2020

The 2020 FAIR Conference (FAIRCON2020), the premiere, global, quantitative risk management conference, will be held digitally on October 6 & 7 (Tues. and Wed.). FAIRCON2020 will provide ground-breaking keynote addresses, engaging C-suite panels, and expert case study sessions through a cutting edge virtual event platform.

Hosted by the FAIR Institute and supported by our partners, FAIRCON2020 brings world-class thought-leaders in information and operational risk management to you to explore the best FAIR practices, progress and learning. This year’s theme is "Factoring Risk in Decision Making" and the sessions will showcase Fortune 1000 companies and U.S Federal Government Agencies highlighting their breakthrough work in business-aligned communication, cost-effective decision-making, and ultimately managing what matters.

FAIRCON2020 will also be hosting a unique virtual Exhibitor Space to learn about the exciting work that our partners and sponsors are doing with FAIR, as well as ways to download their materials and connect with them in live chats.

 

Weaving a Safer Web: Significant Risks from Insignificant Details RiskRecon Sponsored Webinar

GoToWebinar | September 17 at 11 AM EST

As organizations continue to adjust to the current digital climate security teams have had to shift their focus - enhancing work-from-home security measures, managing changes to the digital supply chain, monitoring the ever-expanding data universe - but recent research has shown that some businesses are ignoring some basic security principles, thus leaving themselves exposed to serious threats.

RiskRecon and Cyentia Institute examined how organizations are handling essential security practices and the impact of failing to manage these properly. The research has found that:

  • 33% of firms are failing at the most basic cybersecurity practices
  • Having any TLS 1.2 incompatible hosts increases an organization’s high/critical finding density by 70%
  •  Firms exposing 9+ unsafe services have 5x higher rate of security findings

Join our webinar on Thursday,  September. 17th at 11 AM EST as Dr. Wade Baker, Partner at Cyentia Institute and Jon Ehret, VP of Strategy & Risk from RiskRecon discuss the findings from our research study and the security implications facing organizations who are not following these foundational security practices.

 

Using FAIR to Understand Change in Resilience Risk - Protiviti Sponsored Webinar

GoToWebinar | August 20 at 1 PM EST

This webinar is a step-by-step walk-through from the primary authors of Protiviti’s latest thought leadership piece, “Understanding Changes in Resilience Risks From Technology Advancements.” Following this webinar, you’ll be able to:

  • Communicate to your board the importance of using the FAIR model to understand changes in resilience risks
  • Identify how the model can be used to calculate loss exposure reduction resulting from the implementation of technologies (e.g., cloud)
  • Justify how much capital to hold against operational risk as part of an organization’s Comprehensive Capital Analysis and Review (CCAR) and risk-weighted asset calculations

 

Rapid Risk Assessments: Identifying and Prioritizing Risks in Minutes Instead of Months- RiskLens Sponsored Webinar

GoToWebinar | August 26 at 2 PM EST

Many information security teams are running risk assessments that are qualitative in nature and do not provide results in terms business leaders and decision makers can understand. Boards, senior management, auditors and CISOs demand quick readouts and better understanding of their cyber security risk exposure: “What are our top risks for bottom-line impact?”

Enter the RiskLens Rapid Risk Assessment, the new solution created specifically to address this challenge. Using the RiskLens SaaS platform, built on FAIR™, organizations can run risk analyses in minutes (instead of months) that present loss exposure in dollar values and produce flexible, customizable reporting that clearly prioritizes risks by probable impact.

Join us on this webinar to learn more about this new solution and how it can help get your organization begin its FAIR journey by: 

  • Accelerate the Risk Assessment Process
  • Triage and Prioritize Risks with Confidence
  • Communicate Top Risks to Decision Makers

AFERM Webinar: How Financial Risk Quantification Can Help Federal Agencies Better Integrate Cybersecurity Risk and ERM

Thursday, July 16, 2020 at 12 PM EST | GoToWebinar

Please join us on July 16th to learn how Financial Risk Quantification can assist in integration of Cybersecurity Risk and ERM. This webinar will explain how federal agencies can better meet the requirements of federal laws, policies and guidance to adopt a risk-based approach to cybersecurity and to integrate it with ERM through new financially-driven risk assessment methodologies.

 

Reducing Cybersecurity Risk by Automating Continuous Vendor Assessment - Sponsored Webinar by RiskRecon

Wednesday, June 24 at 1 PM EST | GoToWebinar

Assessing cybersecurity risk has taken on a new meaning as organizations shift toward virtual, and companies focusing on maintaining operations. Third-party risk practitioners are witnessing a supply chain shift – current suppliers might not be viable any longer, and new vendor relationships might bring an increased level of risk that may exceed an established threshold.

Third-party risk teams understand that velocity is critical to their ability to accurately assess the cyber risk associated with on-boarding new vendors, as well as current vendors where perhaps cyber hygiene hasn’t been prioritized. A new level of third-party risk management that teams require given today’s business climate – one that is automated and risk-prioritized, and that can be quantitatively measured for optimal risk outcomes.

During this webinar, attendees will hear more about:

  • What top third-party risk practitioners are doing to navigate new cyber risks to the supply chain
  • How to scale third-party risk programs using automated asset valuation through a dynamic AI-based approach
  • What success looks like across multiple third-party risk programs ranging from less mature to more mature, along with a practical analysis and demonstration for how they achieved those results.

 

The Role of Emerging Technology in the Federal Pandemic Response

June 11, 2020 | 9 AM - 2 PM EST | Virtual Event

ATARC's Virtual Summit "The Role of Emerging Technology in the Federal Pandemic Response" allows for collaboration between government, industry, and academia virtually. At this summit, attendees will listen and discuss the technology breakthroughs, changes, and obstacles that have faced the Federal IT Ecosystem during the time of COVID-19. Breakout track topics include Mobile/Digital, Artificial Intelligence, Security, DevOps, and Cloud and feature TechTalks and Panels from thought leaders within the Federal It community. 

Jack Jones, author of FAIR, 3x CISO, and Chairman of the FAIR Institute will be a panelist on "Security Panel 1: Compliance and Risk Management" from 11:25-11:55 AM EST.

 

Making Better Cyber and Technology
Risk Decisions: Part 3

Thursday, June at 2 PM BST / 9 AM EST | GoToWebinar

Organizations (and professions) often resist change even when changing is demonstrably going to result in improvement. And it should be no surprise to anyone that this is also true when we’re talking about changing how we think about, evaluate, and communicate cyber and technology risk.

In this final webinar of a three-part series, Jack will discuss the change management component of adopting better risk measurement methods. This will include important topics like; where to begin, defining your organization’s roadmap, and overcoming common obstacles.

 

Making Better Cyber and Technology
Risk Decisions: Part 2

Wednesday, May 20 at 2 PM BST / 9 AM EST | GoToWebinar

It is one thing to conceptually understand the limitations of common cyber risk measurement methods and know that a better method exists. But until you see these differences action, it can be difficult to fully grasp their significance.

In this second of a three-part webinar series, Jack will compare and contrast a common risk measurement method versus FAIR by applying both to a risk analysis scenario where an important decision is at stake. By watching the analysis unfold you will gain a deeper understanding and appreciation for their differences. This process will also shed light on some of the misperceptions and fallacies that surround quantitative risk measurement.

 

Making Better Cyber and Technology
Risk Decisions: Part 1

Thursday, May 14 at 2 PM BST / 9 AM EST | GoToWebinar

Successfully managing today’s complex and dynamic cyber and technology risk landscape requires being able to prioritize well and communicate effectively to executive stakeholders. This is especially true when budgets are being trimmed and every expense is scrutinized.

In this first of a three-part webinar series, Jack Jones, 3x CISO and author of the FAIR Model. will discuss the cyber and technology risk measurement methods commonly used today and why they fail to meet those two requirements. He will also share three criteria for reliable risk measurement (whether qualitative or quantitative) and introduce the Factor Analysis of Information Risk (FAIR) model for risk measurement.

 

"Reducing Cyber Risk from Employees Working at Home" - Case Study Webinar

April 2 at 12 PM EST | GoToWebinar

Many companies are currently looking at work from home options for employees in response to the Coronavirus pandemic, while still maintaining control over sensitive corporate data.

Join in for a discussion with Christina Dulovich, Risk Management Consultant, on how one technology company chose the most cost-effective option to prevent data leakage through Shadow IT, with an assist from RiskLens quantified cyber risk analytics.

 

Building an Effective Cyber Risk Management Program that Actually Works
FAIR Institute Breakfast Meeting during RSAC2020 

February 26, 2019 | 7:30 - 10:30 AM | Parc 55 San Francisco, Embarcadero Room (Level Three) | 55 Cyril Magnin Street, San Francisco, CA 94102

Are you looking to build a cyber risk management program that can help you measure and manage cyber risk from the business perspective, in financial terms, all while making regulators happy? Then join us for our upcoming FAIR Institute Breakfast featuring Jack Jones, 3x CISO, and author of the FAIR Standard Risk Model. Hear about his experiences in accompanying many of the world's largest organizations as they developed risk management programs that actually work.

Our annual breakfast will take place during RSAC2020 and showcase Jack and other industry experts. They'll demonstrate how building a true and effective cyber risk management program is crucial for your organization as the industry moves towards cyber risk quantification as the way to cost-effectively manage risk, justify security budgets, and meet growing regulatory demands.

The meeting presentations will include practical takeaways on how to:

  • Outline the various stages of adopting and building a cyber risk management program
  • Explain the economical benefits of using quantitative models over qualitative methods
  • Share experiences and journeys on how they have built or are building full risk management programs

RSA Conference 2020 Partner All-Access Seminar: A FAIR Approach to Cyber and Technology Risk Management

February 24, 2020 | 8 AM - 12 PM, 1 - 5 PM| Moscone Center | 747 Howard Street, San Francisco, CA 94103

Risk management expectations are evolving, especially with regards to how risk is being measured and communicated. Although heat maps and qualitative scales have been common practice for years, the industry has begun a strong shift toward quantitative methods. The advantages are well-established — more effective prioritization, an ability to understand the cost-benefit proposition of risk management improvements, and the ability communicate with business executives in terms they understand. 

This half-day session, led by Jack Jones, 3x CISO and author of the FAIR model, will provide clarity on why the industry is evolving toward quantitative methods, as well as the challenges and practical solutions for leveraging these methods.  The emphasis will be on gaining a pragmatic understanding of why, how, and what to avoid. Learn more and register for the event at RSAC2020. Use the code 10UFAIRFD for $150 off!

 

RSAC Cyber Monday Banner-1

2020 RSA Conference

February 24-28, 2020 | Moscone Center | 747 Howard Street, San Francisco, CA 94103

Where can you get state-of-the-art cybersecurity intel straight from the experts—all while witnessing the debut of industry innovations? At RSA Conference 2020, where the world talks security. Join industry leaders and peers for a rich experience filled with cutting-edge content and skill-building experiences. Explore basic foundations and emerging trends in expert-led track sessions. See where the industry is headed in forward-thinking keynotes. Demo products and solutions from over 700 companies. And if that’s not enough to look forward to, as a FAIR Institute member you’ll also save an additional $150 when you register using code 10UFAIRFD.

 

Live FAIR Fundamentals Training Course pre-RSAC2020

February 23 & 24, 2020 | Hyperdrive Agile Leadership | 835 Market Street, Suite 556 | San Francisco, CA 94103

Join us for two days of on-site learning, before RSA Conference 2020, for the Introductory FAIR Analysis Fundamentals Course. Led by FAIR experts from our technical advisor, RiskLens®, this workshop-style course will walk you through a foundational introduction to FAIR's core principles and enable analysts like you to:

  • Recognize the challenges associated with commonly used risk assessment approaches;
  • Distinguish the advantages and limitations associated with FAIR;
  • Internalize and apply basic risk concepts and terminology;
  • Understand common measurement challenges and how to effectively and consistently overcome them using measurement concepts; and
  • Ultimately performing quantitative risk analyses.

After completing this course, you will have the skills and resources necessary to measure the risk associated with scenarios of all types. This will prepare you to fundamentally change the way risk management is conducted in your organization and make huge contributions to the protection of your company's value.

 

Register for the 2019 Risk Management Maturity Benchmark Survey Results Webinar

Thursday, December 19 | 11 AM - 12 PM EST | GoToWebinar

Together, we will explore key findings from the 2019 Risk Management Maturity Benchmark Survey conducted earlier this year, and shed some light on relevant questions your organization might have, such as:

  • How mature is the profession today?
  • Where is the industry weakest/strongest in its risk management practices? 
  • Which improvements in maturity are likely to matter most? 
  • How does our organization rate against others in our industry?
  • How has the industry matured since last year's survey?

Prepare for the webinar by downloading and reading the past two years’ reports below and watching the past results webinar recordings. These reports on hosted on FAIR Institute LINK, our online member-only community. Too apply for membership, please do so here: Get Involved.

 

SANS Training Course Atlanta 2019: Measuring and Managing Cyber Risk Using FAIR

November 18-21, 2019 | 9:00 AM - 5:00 PM | Grand Hyatt Atlanta in Buckhead | 3300 Peachtree Road NE, Atlanta, GA 30305

Sign up today for a new four day FAIR training course "Measuring and Managing Cyber Risk Using FAIR." In addition to the foundational knowledge required to apply the FAIR model, the course features in-depth treatment of the Risk Management Process and the role FAIR plays in each of its five phases: Risk Identification, Risk Analysis, Risk Evaluation, Risk Treatment, and Risk Monitoring.

After completing this course, you will have the skills and resources necessary to measure the risk associated with scenarios of all types. This will prepare you to fundamentally change the way risk management is conducted in your organization and make huge contributions to the protection of your company's value.

 

Webinar: Quantified Cyber Risk Management: Three steps to success with Highmark Health

November 18, 2019 | 1:00 - 2:00 PM | GoToWebinar Registration

Presenter: Jason Martin, Manager, Information Security and Risk Management, HM Health Solutions (Highmark Health)

Interactive discussion focusing on Highmark Health's two-year journey to implement quantitative cyber risk management methods. We will cover how we achieved our program’s objective to present an enterprise-level quantitative risk view by leveraging the strengths of our control framework and the Factor Analysis of Information Risk (FAIR) methodology. 

 

Live FAIR Fundamentals Training Course, Dublin, OH

November 12-13, 2019 | 9:00 AM - 5:00 PM | Dublin Entrepreneurial Center | 565 Metro Place South, Dublin, OH 43017

Sign up today for a new four day FAIR training course "Measuring and Managing Cyber Risk Using FAIR." In addition to the foundational knowledge required to apply the FAIR model, the course features in-depth treatment of the Risk Management Process and the role FAIR plays in each of its five phases: Risk Identification, Risk Analysis, Risk Evaluation, Risk Treatment, and Risk Monitoring.

After completing this course, you will have the skills and resources necessary to measure the risk associated with scenarios of all types. This will prepare you to fundamentally change the way risk management is conducted in your organization and make huge contributions to the protection of your company's value.

 

New Jersey Evanta CIO Executive Summit

Oct. 29, 2019 | 6:00 - 8:30 PM | Hyatt Regency New Brunswick, 2 Albany St, New Brunswick, NJ 08901 

The New Jersey Evanta Executive Summit combines unparalleled networking with peer-driven content and insights from dynamic thought leaders.

The Governing Body crafts the agenda to address innovative, real-world solutions to our top challenges, from digital transformation to board engagement and keeping the organization secure — ensuring an invaluable experience for every CIO and CISO who attends.

Jack Jones, Chairman of the FAIR Institute, will be addressing the Governing Body Members to launch the event with an evening of peer networking.

 

Risk.net Training Course: Cyber Risk Modeling: FAIR Analysis Fundamentals

October 23 & 24, 2019 | 55 Broad Street, 22nd Floor | New York, NY 10004

In partnership and host be Risk Training from Risk.net, join fellow members and risk experts enhance their FAIR knowledge at the Cyber Risk Modeling: FAIR Analysis Fundamentals public training course.

The FAIR Analysis Fundamentals course is the introductory course offered by the RiskLens Academy. Designed to prepare participants for the Open FAIR Certification Exam, the course discusses the challenges with qualitative risk management methods and introduces the FAIR model and terminology, calibrated estimation, and the measurement concepts necessary to begin conducting quantitative risk analysis. FAIR Analysis Fundamentals provides the conceptual foundation and practical experience necessary to competently perform FAIR analyses. 

 

2019 FAIR Conference and Training (FAIRCON19)

September 24 & 25, 2019 | Gaylord National Resort and Convention Center | National Harbor, MD 

Hosted by the FAIR Institute and our sponsoring partners, the 2019 FAIR Conference brings leaders in information and operational risk management together to explore best FAIR practices that produce greater value and alignment with business goals.

Large enterprises and government organizations are creating breakthroughs in the management of information and operational risk that enable business-aligned communication, cost-effective decision-making and ultimately managing what matters.

Interested in on-site FAIR training? Head to FAIRCON19 early to attend on-site FAIR Analysis Fundamentals or the advanced FAIR Analyst Learning Path Training Courses, September 22-23, for those that elect to partake in this optional conference add-on.

 

Quantifying the Value of Cybersecurity in Dollars and Cents: CISO Meeting at Black Hat

August 7 | 7:30-9 AM PST| Four Seasons Las Vegas | Palm Lounge and Room | 3960 S Las Vegas Blvd, Las Vegas, NV 89119

Join the FAIR Institute, CyberVista, and distinguished CISOs for an engaging cyber risk discussion focused on empowering our people, enterprises, and leadership to effectively quantify and manage cyber risk.

Agenda:

7:30-8:00 AM - Registration and Networking Breakfast
8:00-8:20 AM - Keynote Address
8:20-8:40 AM - Industry Case Studies
8:40-9:00 AM - Q&A and Closing Remarks

 

FAIR Breakfast at National Harbor

June 18, 2019 | 7:30 - 11:00 AM | AC Hotel, 156 Waterfront Street, Room: National Harbor II National Harbor, MD 20745 

Join a distinguished group of cyber risk executives and fellow FAIR members, who are in town for the Gartner Security & Risk Management Summit 2019 , as they discuss "Tips and Best Practices on How to Build a Quantitative Risk Management Program With FAIR."

Many organizations have applied their expertise and channeled it into many concrete examples of FAIR Adoption. Attend this meeting to :

  • Hear how a FAIR Program can help your organization
  • Get practical advice from industry leaders who are elevating their risk management programs
  • Network around breakfast with your peers and industry experts

 

FAIR Analysis Fundamentals Training Courses in Australia 

May 16-24 | Sydney, Melbourne, Brisbane - Australia

FAIR Analysis Fundamentals training from FAIR Institute Technical Advisor, RiskLens, provides the conceptual foundation and practical experience necessary to competently perform FAIR analyses. This training course is led by experienced practitioners and will improve participants' abilities to identify, measure, and communicate risk.

Sign up for one of three courses throughout the country in May.

  1. FAIR Analysis Fundamentals Training Course in Sydney – May 16-17
  2. FAIR Analysis Fundamentals Training Course in Melbourne – May 20-21
  3. FAIR Analysis Fundamentals Training Course in Brisbane – May 23-24

 

FAIR Institute Breakfast Meeting during the 2019 RSA Conference

Mar. 6, 2019 | 8:00 AM - 11:00 AM | Courtyard by Marriott San Francisco Downtown, 299 2nd Street, Rincon Hill Room, San Francisco, CA, 94105

Last year, Jack Jones presented a road-map for successfully adopting FAIR within an organization and enable more effective decision-making. Since then, many organizations have applied that expertise and channeled it into many concrete examples of FAIR Adoption.

Join other cyber risk executives for a high-impact breakfast meeting on Wednesday, March 6 at 8 AM, during the RSA Conference 2019 in San Francisco to learn from other industry leaders about their experiences on:

  • Using FAIR to make better cybersecurity and business decision
  • What it took to adopt FAIR within their organization

 

NRF 2019 Retail's Big Show & Expo

Jan. 13 & 15, 2019 | Jacob K. Javits Convention Center, New York City, NY

The world’s largest retail conference and expo isn’t just a conference, it’s a community. Filled with a global audience and exhibitor base that could only come from NRF. It’s a marketplace for ideas and relationships. A chance to forge new partnerships, try out best-in-class experiences, and learn from some of the biggest players transforming retail today. An event guaranteed to drive impact. Because after all, what’s the point of a show if you have nothing to show for it?

Join FAIR Institute Chairman, Jack Jones, as he presents on the Security Council Panel on January 15.

 

Assessing Cyber Risk in Federal Government - FAIR Institute Gov't Chapter

Nov. 15, 2018 | 8:30 AM - 11:00 AM | Morrison & Foerster | 2000 Pennsylvania Avenue, NW, Suite 6000, Washington, DC 20006

The Inaugural FAIR Institute Federal Government Chapter Breakfast Meeting will be held on Thursday, November 15, on the topic of "Assessing Cyber Risk in Federal Government." Come listen to and learn from the author of FAIR, Jack Jones, representatives from OMB, and cyber risk officers from federal agencies that have started on this journey.

This chapter of the FAIR Institute, a non-profit, expert learning organization, was born out of the desire of several federal government agencies and the White House/OMB to learn more about the standard FAIR risk model and how it can help them to come up with a common risk taxonomy, a shared cyber risk quantification methodology, and better ways to assess the effectiveness of risk mitigations and the adequacy of cybersecurity budgets to meet Executive Order 13800.

 

NACD Peer Exchange: Demand More—Cyber Risk Reporting in Dollars and Sense

Nov. 13, 2018 | 11:30 PM - 2:30 PM | The City Club of San Francisco | 155 Sansome Street, 10th Floor, San Francisco, CA 94104

Directors are constantly faced with the need to find the best ways to discuss and quantify cybersecurity risk. They need to more clearly understand the financial exposure that cyberbreach incidents represent to their business, and be able to discuss technical issues based on what they mean to the company’s bottom line. Boards should strive to be able to hold discussions with their management teams about cybersecurity and cyber risks where cyber risk is no longer evaluated in technical terms or in "red-yellow-green" heat maps, but in the economic language of business. 

Join NACD and RiskLens for this roundtable event with Nick Sanna, RiskLens CEO, and Jack Jones, RiskLens co-founder and creator of the FAIR standard, on November 13 in San Francisco. We’ll discuss strategies and methods that will help you to quantify your organization’s cybersecurity risks and identify the questions you should ask of your management teams in order to better discuss these risks in business terms.

 

Global Resilience Federation (GRF) Summit 2018

October 25-26, 2018 | Lansdowne Resort and Spa| Leesburg, VA

The purpose of the GRF Summit on Third-Party Risk is to increase awareness of security best practices, offer an opportunity for collaboration among third-party vendors and organizations’ risk management teams, and provide a platform for security leaders to share expertise and learn from each  other to improve holistic security. 

Jack Jones, Chairman of the FAIR Institute, will be presenting during his session, "How to Economically Justify Your Risk Management Needs" on Friday, October 26, from 3-3:30 PM.

 

Three Rivers Information Security Symposium

October 19, 2018 | Monroeville Convention Center | Pittsburgh, PA

Pittsburgh region information technology and security organizations are working together to increase awareness, collaboration and knowledge among the local information security community. Local security groups and partners hosting the symposium include InfraGard Pittsburgh, ISSA, and OWASP. AITP, ISACA, ISC2, RMU’s Top Secret Colonials, and Steel City InfoSec are also providing local support for this event.

Join Jack Jones at the TRISS Conference to hear him speak on "Managing Cybersecurity Surprises" and how FAIR and risk quantification work to mitigate those surprises.

 

2018 FAIR Conference and Training (FAIRCON18)

October 16 & 17, 2018 | Carnegie Mellon University | Pittsburgh, PA 

Hosted by the FAIR Institute and Carnegie Mellon University’s Software Engineering Institute (SEI) and the Heinz College of Information Systems and Public Policy, the 2018 FAIR Conference brings leaders in information and operational risk management together to explore best FAIR practices that produce greater value and alignment with business goals.

Join us to meet and learn from other strategic-minded industry leaders and discover emerging best practices and models for managing information risk.

 

IANS Charlotte Information Security Forum

September 26-27, 2018 | Charlotte Convention Center | Charlotte, NC 

IANS 2018 Charlotte Information Security Forum delivers an immersive curriculum with over 30+ sessions led by esteemed IANS Faculty, global information security thought leaders and solution providers. Attend the two-day Forum to gain actionable technical solutions and leadership insights focused on current and emerging challenges facing enterprise security leaders.

FAIR Institute Chairman Jack Jones will be presenting the Opening Keynote at 9 AM on Wednesday, September 26, titled "Modern Cyber and Technology Risk Management." 

 

SANS Baltimore Fall 2018

Sept. 10-13, 2018 | 9:00 AM - 5:00 PM | Hilton Baltimore | 401 W. Pratt Street, Baltimore, MD 21201

Sign up today for a new four day FAIR training course "Measuring and Managing Cyber Risk Using FAIR." In addition to the foundational knowledge required to apply the FAIR model, the course features in-depth treatment of the Risk Management Process and the role FAIR plays in each of its five phases: Risk Identification, Risk Analysis, Risk Evaluation, Risk Treatment, and Risk Monitoring.

After completing this course, you will have the skills and resources necessary to measure the risk associated with scenarios of all types. This will prepare you to fundamentally change the way risk management is conducted in your organization and make huge contributions to the protection of your company's value.

 

RSA ARCHER Summit 2018

August 15-17, 2018 | Renaissance Nashville | Nashville, TN 

Join us at the RSA Archer Summit 2018. This conference will provide invaluable face-to-face opportunities to discover best practices, hear about the latest product innovations, network with other customers, and meet one-on-one with RSA Archer experts and executives. RSA Archer Summit 2018 is your chance to let us know what product advances you’d like to see in future releases, connect with other leaders in your industry and gain firsthand knowledge that you can’t get at your desk.

Join us at a special session Quantifying Cyber Risk with RSA Archer. Jack Jones, Chairman of the FAIR Institute and author of FAIR, will be speaking on the importance of quantifying cyber risk.

 

FAIR Institute Breakfast Meeting at National Harbor

Jun. 5, 2018 7:30 - 10:00 AM | AC Hotel at National Harbor | National Harbor, MD 

Join a distinguished panel of cyber risk executives and fellow FAIR members, as they discuss "The Blueprint: Successfully Building Your FAIR Risk Management Program."

 

IANS Dallas Information Security Forum

May 2-3, 2018 | 7:30 AM - 5:00 PM CST | City Place Conference Center, 2711 N. Haskell Ave., Dallas, TX 75204

IANS 2018 Dallas Information Security Forum delivers an immersive curriculum with over 30+ sessions led by esteemed IANS Faculty, global information security thought leaders and solution providers. Attend the two-day Forum to gain actionable technical solutions and leadership insights focused on current and emerging challenges facing enterprise security leaders.

Attend the conference to hear Jack Jones, Chairman of the FAIR Institute, present the opening keynote, "Modern Cyber Technology Risk Management" on Wednesday, May 2 at 9 AM.

 

CERT Cyber-Risk & Resilience Management Symposium

Apr. 24, 2018 | 8:30 AM - 5:00 PM | NRECA Conference Center, 4301 Wilson Blvd., Arlington, VA 22203

Carnegie Mellon University’s CERT Cybersecurity Division is hosting a day-long symposium focused on proactively developing and implementing a cybersecurity risk and resilience strategy. A team of experts, from both the public and private sectors, will explore cybersecurity scenarios and provide guidance that you can apply immediately within any organization. Jack Jones will be speaking on a panel titled "Enterprise & Cyber-Risk Management - New Capabilities and Expert Panel."

Registration to this event is free, but space is limited to the first 200 registrants. A continental breakfast and lunch will be provided.

 

RSA Archer Cyber Risk Quantification Launch Breakfast

Apr. 19, 2018 | 8:00 - 9:30 AM | RSA Booth N3601 - Moscone North Expo Hall

Join RSA Archer on Thursday April 19th for breakfast and a demo of our new RSA Archer Cyber Risk Quantification® use case. Jack Jones will be present and will speak at 8:25 AM about Best Practices for FAIR Risk Management.

 

Issues of Quantifying Risk around Identity and Access Management (IAM)

Apr. 18, 2018 | 3:00 - 3:30 PM | Moscone West 2018, RSA Conference | San Francisco, CA

Identity and access management (IAM) has been a longtime domain for information security. How much energy should we be investing in these programs? How much risk is there for managing identities? Join Jack Jones and other FAIR Institute Members at this session to hear their approaches and understanding of the issues involved.

 

FAIR Institute Breakfast Meeting

Apr. 18, 2018 7:30 - 10:00 AM | Morrison & Foerster LLP | San Francisco, CA 

Join FAIR author and Institute Chairman, Jack Jones and a distinguished panel of cyber risk executives, as they unveil "The Blueprint: Successfully Building Your FAIR Risk Management Program."

Leading cybersecurity, operational risk, and business executives who are in town for the RSA Conference 2018 to get practical advice from industry leaders who are elevating their risk management programs.

 

From “No Data” to “Drowning in Data”—It’s Time for a Reality Check

Apr. 17, 2018 | 3:30 - 4:15 PM | Moscone South Esplanade 157, RSA Conference | San Francisco, CA

For years the information security community has argued that it is hamstrung by a lack of data. Now we’re hearing organizations complain that they don’t know what to do with all of the telemetry they get from their security technologies. In this session Jack Jones will share insights regarding data-related opportunities and challenges, what the future holds, and how we can leverage data effectively. 

 

Ponemon Institute RIM Renaissance

March 9, 2018 | Tucson, AZ 

What is RIM Renaissance? RIM Renaissance brings together smart individuals in privacy and security passionate about the work they do and the challenges they face. The program features case discussions, Socratic questioning and problem-solving debates. RIM Renaissance is an opportunity to thank our Fellows, RIM Council companies and research partners for their support and encouragement of Ponemon Institute. Jack Jones will be speaking during Fireside Chat session with Ponemon Institute Chairman and Founder, Larry Ponemon.

 

FAIR University Curriculum Virtual Panel Webinar

Feb. 23, 2018 | GoToMeeting Webinar

Interested in building a state-of-the-art information risk management course at your university?

Join us for the FAIR University Curriculum Virtual Panel Webinar on Friday, February 23rd, at 1 PM EST. Three FAIR Institute member professors will be on an expert panel to talk about teaching FAIR, cybersecurity, and risk management to university students.

This interactive event allows you to hear first-hand how to use the FAIR University Curriculum at your university and will provide tips and best practices to building a successful Information Risk Management course. Before the event, download the FAIR University Syllabus to help build a course for your students. You can watch the full recording here.

 

Where Do We Go From Here? 2017 Risk Management Maturity Benchmark Survey Results Webinar

Dec. 5, 2017 | GoToMeeting Webinar

Join us as the FAIR Institute and RSA host a webinar to discuss in detail the results and findings of the 2017 Risk Management Maturity Benchmark Study.

The webinar will include in-depth analysis of survey insights by leading risk management experts. Engage in conversation with Jack Jones, Chairman of the FAIR Institute we work together to answer questions to help clarify the information to best help your organization.

 

InfoSecurity Connect East: Where Financial Cybersecuirty Experts Connect

Nov. 1-3, 2017 | Eden Roc Miami Beach Resort | Miami, FL

Summary: InfoSecurity Connect East is an interactive, invite-only forum for senior cybersecurity executives from some of the top US banks, credit unions, insurance and financial services organizations to come together to share and interact with their peers, learn about new solutions and services, and gain valuable insights on how to improve their cybersecurity programs and policies.

Keynote:

Risky Business: Strengthening Your Cyber Risk Management And Culture To Build Trust

Presented by: Jack Jones, Author and Chairman, The FAIR Institute

As cybercrime continues to rise, it needs to be a key feature on the corporate risk management agenda. But gaining and maintaining the trust of senior executives, the Board, regulators, and customers is challenging. Checking boxes in a compliance framework won’t do it, nor will the lame risk measurement practices that are commonplace today. In order to build and maintain trust, we need to fundamentally change our approach to risk management.

  • How to look at cyber risk in business terms.
  • Foundational requirements for a trustworthy cyber risk management program.

 

The 2017 FAIR Conference (FAIRCON17)

Oct 16 & 17, 2017 | The Hilton Anatole | Dallas, TX

Don’t miss your chance to listen to thought-provoking presentations from industry leaders, witness engaging panel discussions and network with other FAIR Institute members, on Oct. 16 & 17. This year, we'll be extending our conference to include the optional add-on of valuable on-site FAIR training courses Oct. 17-19.

More event details, speaker lineup & registration link to come. Read more about this Save the Date here.

 

ISACA September Chapter Meeting: Modern Cyber and Technology Risk Management

Sept 14, 2017 | Wellshire Inn | Denver, CO

Summary: Common cyber and technology risk measurement practices today are broken. The result is that organizations struggle to prioritize their risks they face, or understand the value proposition of the risk management initiatives they invest in. In this session, Jack will share the root causes that limit our effectiveness at measuring risk, and provide a workshop on Factor Analysis of Information Risk (FAIR).

Learning Objectives:

    - gain an understanding what FAIR is,
    - have an opportunity to apply it to analyze one (or more) risks.

Be forewarned though, some of what will be discussed will challenge conventional wisdom.

Who should attend
IT Leaders (CIOs/CTOs/CSOs/CISOs), IT practitioners (Directors and Managers), IT Audit and Security professionals, Internal and External Auditors.

 

Risk Management Summit

Apr 6, 2017 | Omni Orlando Resort at ChampionsGate | ChampionsGate, FL

Jack will be presenting two sessions at the conference:

9:00 AM – 9:30 AM
Session 1 – Revisiting the Groundwork, Jack Jones
Within the information security and risk professions there are significant differences in how people define and approach risk.  This creates significant challenges to us as professionals for everything from risk measurement, alignment with the business, and communicating with executives. Consequently, in order for the Risk Summit to be productive, it is critical that everyone in the room is on the same page on these fundamentals.

In this first section, we’ll review some basic risk concepts and terminology, which will lay the foundation for everything that follows.

4:15 PM – 5:00 PM
Making the Case to Risk Management, Jack Jones
The primary reason for measuring risk is to help executives make well-informed business decisions. 
That being the case, this final session of the day will focus on the challenges with, and practical approaches for, communicating risk analysis results to management. These tips can make the difference between glazed eyes and genuine interest by the executives whose decisions drive the risk condition of an organization. 

Register here.

 

Integro Client Appreciation Conference

March 29, 2017| The Fairmont Princess Resort | Scottsdale, AZ

Jack Jones will participate on a panel discussing the valuation of assets as a main barrier in insuring information risk.

 

FAIR Institute Breakfast Meeting

Feb 15, 2017Morrison & Foerster LLP | San Francisco, CA 

Reserve your spot for the FAIR Institute breakfast meeting during which Jack Jones will present on "The characteristics of a risk-aligned leader".

Scheduled Date: 02/15/2017 - 8:00 AM - 10:00 AM

Abstract: In his presentation, Jack Jones will describe some of the common fallacies regarding being risk aligned with the business, and provide an alternative perspective. He'll also describe what it means to be a risk-aligned leader, what it takes to get there, and how to overcome some of the inevitable obstacles.

 

RSA Conference 2017

Feb 15, 2017 | Moscone Center | San Francisco, CA 

Jack Jones will be presenting a session on 'Tomorrow's Cyber-Risk Analyst' (PROF-W11)

Scheduled Date: 02/15/2017 - 2:45 PM - 3:30 PM

Abstract: As our industry evolves to better align with the needs of senior executives and boards of directors, the skills and characteristics of professionals need to evolve as well.  In this session, Jack will describe what the next generation of cyber risk analysts needs to look like, where and how they can acquire these capabilities, and what the job opportunities will look like.

   

First Meeting of the Cyber Risk Workgroup

December 12, 2016Private 

12:00 PM - 1:00 PM

Please join the FAIR Institute today to get involved.

 

Fifth Meeting of the FAIR Insurance Workgroup

December 8, 2016Private 

1:00 PM - 2:00 PM

Please join the FAIR Institute today to get involved.

 

MIS|TI Risk Management Summit 2016

December 8, 2016 | Marriott New Orleans, 614 Canal Street, New Orleans, LA

9:00 AM - 10:00 AM

The combination of inherently limited risk management resources and an increasingly complex and dynamic risk landscape means that effective prioritization is crucial. Without it, organizations are unable to identify and resolve their most important issues, and will invariably waste resources and delay resolving important issues.

In this session, Jack Jones will highlight some of the key weaknesses in common (and even “best”) practices, as well as share insights and simple steps organizations can take to evolve their risk management programs. Be forewarned that this will be a “take no prisoners” session, because in order to evolve we have to be honest about what doesn’t work, and why.

Register here

 

Jack Jones to speak to ISACA Toronto Chapter

November 15, 2016Ivey Tangerine Leadership Centre, 130 King Street West, Toronto ON, M5X1A9

1:00 PM - 4:30 PM

 

Jack Jones presents an Educational Course on FAIR to ISACA New York Metropolitan Chapter

November 3, 2016BNY Mellon, 101 Barclay Street, 10th Floor, New York, NY

9:00 AM - 5:00 PM

Course will cover risk prioritization in information security and risk management and how to use Factor Analysis of Information Risk (FAIR) as an approach for effective prioritization and analysis of a risk scenario.

Register here

 

The Annual FAIR Conference

October 14, 2016Wake Forest University Charlotte Center, 200 North College Street, Charlotte, NC

7:30 AM - 5:00 PM

Hosted by the FAIR Institute, the FAIR Conference brings the foremost leaders in information risk management together to explore best FAIR practices that produce greater value and align IT with business goals. Hosted by FAIR Institute, the FAIR Conference brings leaders in information and operational risk management together to explore best FAIR practices that produce greater value and alignment with business goals. Large enterprises and government organizations are creating breakthroughs in the management of information and operational risk that enable business-aligned communication, cost effective decision-making and ultimately managing what matters.

Audience members will leave the conference with:

  • New knowledge around the FAIR model.
  • An expanded network of FAIR experts and practitioners.

Register now.

 

(ISC)² Security Congress

September 12, 2016 | Orlando, FL

Jack Jones will be presenting a case study on 'Quantifying Cloud Risk'

3:15 PM – 4:15 PM  

  • Audience members will leave the session with the following:

    • The power of communicating information security risk in business terms.
    • Weaknesses associated with common 3rd party risk assessment methods.
    • A pragmatic approach to quantifying information security risk.

 

Cornerstones of Trust

June 14, 2016 | Crowne Plaza, Foster City, CA

Jack Jones will be delivering the keynote address titled 'Just Secure What?'  

1:30 PM - 2:15 PM

  • Jack will demonstrate the challenges faced by the information security profession.
  • Share practical methods for overcoming them by leveraging the FAIR open standard.  

  

Infosec World 2016

April 7, 2016 | Disney Contemporary Resort, Lake Buena Vista, FL

Jack Jones will be presenting a session on 'Setting the Stage: What is Risk Anyway? Ending the Confusion'

8:15 AM – 9:00 AM  

  • Attendees will gain clarification about risk, hear examples of what’s making it so confusing, and learn what can happen if the confusion is not alleviated.
  • Learn a clear, meaningful, and practical set of definitions and concepts that can fundamentally change the risk dialog in your organization.
  • Learn how to consistently normalize risk terminology and concepts within your organization.
  • Gain an improved ability to “drill into” and evaluate someone else’s statements about risk
 

RSA Conference 2016

Feb 29-Mar 4, 2016 | Moscone Center San Francisco 

Jack Jones will be presenting a session on 'How infosec maturity models are missing the point' (STR-W04)

Scheduled Date: 03/02/2016 - 10:20 AM - 11:10 AM

Abstract: Infosec maturity models abound, and although they provide some value, they completely ignore fundamental elements that ultimately determine whether an infosec program is mature -- or not. In this session Jack will share what those missing elements are, why they are so critical, how to gauge maturity in those dimensions, and the steps you can take to help make your organization more mature. 

Follow-on Discussion: 03/02/2016 - 4:30 PM- 5:20 PM

Abstract: Continue the How Infosec Maturity Models Are Missing the Point conversation in a smaller group discussion and Q&A with the presenter. This session will be discussion based—no new slides will be presented. This session is limited to 50 attendees.

 

Jack Jones will be participating in a panel discussion on 'Habits of an Effective CISO.' (GRC-R02)

Scheduled Date: 03/03/2016 - 8:00 AM- 8:50 AM

Short Abstract: With less time and more responsibilities, how does an effective CISO manage? Three leading CISO will share their strategies for success. 

Moderator:

Ben Rothke, Senior eGRC Consultant, The Nettitude Group

Panelists:

Phil Agcaoili, Chief Information Security Officer, Elavon
Roland Cloutier, VP & CISO, ADP, Inc.
Jack Jones, EVP Research & Development, RiskLens

 

Jack Jones will be participating in a panel discussion on 'Aligning and Prioritizing Risk Efforts Across the Enterprise' (GRC-F03)

Scheduled date: 03/04/2016 at 11:20 AM- 12:10 PM

Short Abstract: The responsibility for managing risk rests within many parts of the organization(e.g., audit, security, compliance, etc.). Unfortunately, very often these efforts are redundant or contradictory. In this session, learn how these groups can work together to minimize confusion and “religious” debates in order to better evaluate risk and prioritize in a consistent, efficient, and aligned manner.

Facilitator:                                                                          

Jack Jones, EVP Research & Development, RiskLens

Panelists:

Maria Shaw, VP, IT Risk Management, McKesson
Tess Martillano, MD, IRM Enterprise Services & CIRO, Latin America & the Caribbean, BNY Mellon
Evan Wheeler, Executive Director, Operational Risk Management, DTCC

 

The Open Group Conference - Enabing Boundaryless Information Flow

Jan 25, 2016 | San Francisco

Isaiah McGowan will present a session on 'Steps to Success - Lessons Learned on Successfully Adopting OpenFAIR'

Abstract: In the two years since it’s establishment as an international standard, OpenFAIR has been adopted by many organizations –from the smallest to the largest- as their risk analysis method of choice. These programs span the spectrum of qualitative and quantitative approaches.

This session will explore key attributes of a successful OpenFAIR implementation, pitfalls to avoid when adopting OpenFAIR, and examples of how OpenFAIR can help mature virtually any risk program.