Factor Analysis of Information Risk (FAIR) has emerged as the standard Value at Risk (VaR) framework for cybersecurity and operational risk.
The FAIR Institute is a non-profit professional organization dedicated to advancing the discipline of measuring and managing information risk.
It provides information risk, cybersecurity and business executives with the standards and best practices to help organizations measure, manage and report on information risk from the business perspective. The FAIR Institute and its community focus on innovation, education and sharing of best practices to advance FAIR and the information risk management profession.
May 21, 2020 7:34:00 AM
Board directors and senior executives are obligated to govern their organizations’ cyber risk management efforts. To this end, they are being educated by such organizations as the NACD or the Big 4 on foundational concepts of information security and cyber risk management.
May 19, 2020 9:52:20 AM
“All models are wrong, but some are useful.” By those words, professor and statistician George Box reminds us that models, including the FAIR™ Model, are approximations of reality.
May 15, 2020 7:45:00 AM
>>DHS/OMB mean well in pushing for a risk-based approach to cybersecurity in the Federal Government, but their requirements fall short of helping agencies effectively prioritize and right-size their cybersecurity investments
Sep 7, 2017 3:18:43 PM
I recently had a conversation with clients around a risk analysis they conducted and noticed as they walked me through it that they seemed to get hung up on the terms “inherent risk” and “residual...Read More >>
May 1, 2017 8:51:54 AM
The terms “risk appetite” and its close cousin “risk tolerance” are often poorly understood, very rarely used to good effect, and commonly used interchangeably.
Similar to the word “risk,” you will...Read More >>
Nov 19, 2019 2:36:00 PM
It's official: NIST has formally published FAIR as an Informative Reference to the NIST CSF, the most widely used cybersecurity framework in the U.S, a major milestone in the history of FAIR. This...Read More >>