FAIR TRAINING AND CERTIFICATION
Take Your Career to the Next Level with Courses from the RiskLens Academy and CyberVista
FAIR Analysis Fundamentals, offered live and online, introduces learners to the FAIRTM quantitative risk analysis model and the foundational concepts involved in FAIRTM analysis. By the end of this course, learners will be able to apply the FAIRTM quantitative risk analysis model to accurately model and quantify risk and will be prepared for the OpenFAIR Certification exam. The course includes 16 CPE credits, a voucher covering the cost of the exam, and a study guide that prepares you for the exam. Please note that online course access is valid for 90 days after purchase, with some reasonable extensions happily granted.
The FAIR Analyst Learning Path, offered online, provides advanced training on the risk analysis process and is intended
for learners who understand the FAIRTM quantitative risk analysis model. This set of courses goes in-depth on how to scope your analyses, collect data and estimates, run your analysis and perform quality assurance, and present results. Built from over 30 years of practical analysis experience, the courses include three hours of instructional videos, numerous downloadable checklists, templates, and guides, and exercises that will be reviewed by FAIR experts. These courses will enable you to conduct high-quality analyses and quickly scale a team of well-trained FAIR analysts. Completion of the full Analyst Learning Path includes 16 CPE credits. Please note that online course access is valid for 90 days after purchase, with some reasonable extensions happily granted.
FAIR Analysis Fundamentals for US Government - US Government information security and risk management professionals make mission-critical tactical and strategic decisions every day. FISMA, EO 13800, NIST CSF, NIST 800-37, 800-39, and many other standards and frameworks direct agencies to make those decisions in a cost- effective way based on an understanding of the probability/likelihood and impact/magnitude of harm.
So, how are agencies to do that? Does it look like 1-5 rating scales or red/yellow/green heat maps? Is that the best way to cost-effectively manage our limited resources in light of the risks we face? And just what is “risk,” anyway? Different standards provide different definitions, models, calculations, and frameworks — there has to be a better way. Exactly how to meet these requirements is largely left up to the various agencies and auditing authorities are mainly concerned that the work gets done, not how it gets done.
The Factor Analysis of Information Risk (FAIR) model and methods are recognized as an Informative Reference to the NIST CSF, aligned to ISO 31000 and other standards, and backed by a worldwide network of risk researchers, managers, and analysts in the FAIR Institute. FAIR helps provide clarity on the risks you face so you can most cost-effectively manage them. Risk analysts and managers in government and some of the world’s most successful companies
are applying FAIR to:
- Assess cyber and operational risk in financial and probabilistic terms
- Prioritize remediation efforts based on business impact
- Justify security investments and demonstrate ROI
- Communicate with their peers and leaders about loss scenarios and their associated risk directly and effectively
In this course, you will learn the basics of quantitative risk analysis with FAIR. You will see what’s possible when you are equipped with a logical, repeatable, defensible model for analyzing risk in financial and probabilistic terms. High/medium/low or 1-5 ratings and subjective heat maps aren’t sufficient to inform the “efficient and cost-effective risk management decisions” required by the NIST 800 series of documents. FAIR offers “a more scientific approach to estimating likelihood and impact of consequences (…) to better prioritize risks and to prepare more accurate risk exposure forecasts.” (NISTIR 8286)
Join us for a comprehensive course led by experienced risk professionals featuring case studies and example analyses directly relevant to the public sector
Resolve: Board and Executive Cybersecurity Training from CyberVista, is available both on-site and on-demand,
focuses on executive and board-based seminars to provide the knowledge necessary to understand, monitor, and manage cyber risk. Their framework guides an interactive and tailored dialogue that results in leadership articulating the most critical aspects of their business, an overall prioritization of cyber risks against identified threats and vulnerabilities, and a review of the controls that can be put in place to address those risks. From threat actors, to cyber due diligence during M&A, to response planning, this training cover 25+ topic areas and can customize a seminar to fit your unique needs.