November 5-8 | Las Vegan, NV

Join us at the Fair Institute...

Signup now for special pricing

What is the FAIR Institute?

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Sed non felis faucibus, convallis ligula sed, laoreet quam. Nulla porta lorem nec augue varius egestas.

Sed vitae purus maximus, gravida mi a, ornare felis. Sed malesuada magna in enim porttitor sollicitudin. Phasellus fringilla orci felis, nec pellentesque augue rhoncus at. In sed nisi ultricies, dignissim erat eget, convallis neque.

Fusce non risus vitae arcu dictum sagittis. Nunc iaculis risus ac semper iaculis. Etiam justo nibh, porttitor et turpis sed, elementum dignissim ligula..

5000+
Members
40%
Increase
75%
Growth
FAIR_yellow-ups_02.png

UPCOMING EVENTS

Aenean consequat aliquam metus. Donec sem tellus, luctus nec ornare sed, ultricies ac dui. Maecenas in convallis velit. Cras et maximus est. Cum sociis natoque penatibus et magnis dis parturient montes, nascetur ridiculus mus.
Enter Title
Enter Title
Enter Title
Enter Title

RECENT BLOGS

Take a Listen to this Webinar: Combining NIST-CSF and FAIR, Quantifying Risk to Drive Better Decision Making

From time to time, we come across some interesting FAIR related thoughts being shared by our partners. Last week, a fascinating webinar was hosted by Institute Technical Advisor, RiskLens

Read More >>

How a Risk Analysis Scope Gets Off Track (and How to Fix It)

The most important step in conducting a quantitative cyber risk analysis is scoping - identifying the asset, threat, and effect related to the scenario at hand. But what happens if you are so excited to get into your FAIR analysis that you skip this crucial step?

Read More >>

Video: Jack Jones Tells Enterprise Security Weekly Infosec Makes Risk Management Harder than It Has to Be

FAIR Institute Chairman and FAIR model creator Jack Jones gives a concise, high level view of the limitations of conventional thinking in the cybersecurity profession, and how FAIR and a quantitative approach to cyber risk shows the way forward, in this Enterprise Security Weekly podcast hosted by Paul Asadoorian.

Read More >>

SEE ALL BLOGS

POPULAR BLOGS

Post Image
Inherent Risk vs. Residual Risk Explained in 90 Seconds

I recently had a conversation with clients around a risk analysis they conducted and noticed as they walked me through it that they seemed to get hung up on the terms “inherent risk” and “residual...

Read More >>
Post Image
Risk Analysis vs. Risk Assessment: What's the Difference?

Yes, this is Cyber Risk 101, but risk analysis vs risk assessment is common confusion, so let Jack Jones explain it in an excerpt from his book Measuring and Managing Information Risk: A FAIR Approach

Read More >>
Post Image
'Risk Appetite' vs. 'Risk Tolerance'. What’s the Difference?

The terms “risk appetite” and its close cousin “risk tolerance” are often poorly understood, very rarely used to good effect, and commonly used interchangeably.

Similar to the word “risk,” you will...

Read More >>