An Introduction to the FAIR Materiality Assessment Model (FAIR-MAM™)
PDF | Thought Leadership
The FAIR Institute is releasing a new standard to help organizations assess the materiality of cybersecurity risk and incidents, called FAIR Materiality Assessment Model (FAIR-MAM™). FAIR-MAM™ expands the loss magnitude factor of the FAIR™ model, and provides a more detailed taxonomy and breakdown of loss categories driven by cybersecurity incidents.
The FAIR Materiality Assessment Model (FAIR-MAM™) is an open, financial loss model that enables organizations to:
- Quantify the impact of cyber incidents so they can quickly and reliably disclose legally defensible material risk on SEC Form 8-K
- Report financial risk internally to inform cybersecurity investment and management decisions for a full range of custom cyber risk scenarios
- Create a timeline of the multi-year lifecycle of the total cost of an incident
FAIR-MAM™ is also a standard that allows companies to report ‘comparable’ material financial costs related to cybersecurity incidents, a critical requirement for institutional investors.