You could almost feel the future closing in at the recent FAIR Institute Europe Summit, where a panel of cyber risk experts from different disciplines gave some very timely tips and warnings about the AI wave about to hit business and government.  ..read more

The FAIR Institute welcomes members of the vast tech industry talent pool in India to join our new local chapter, officially launched recently with a well-attended meeting in Mumbai. The Institute now counts around 20 chapters and 15,000 members around the world, sharing best practices in FAIR (Factor Analysis of Information Risk) that empower risk professionals to collaborate with their business partners on balancing protection of the organization with advancing the business. Learn more about FAIR.  ..read more

We get the question frequently these days: “What’s new and different about Generative AI risk?” We can analyze GenAI risk with our trusty FAIR model, but with new vectors, new threats and new loss categories. So, practically speaking, the short answer is: “It’s a completely new and different risk ..read more

In today's dynamic business landscape, understanding and quantifying risk are paramount for organizational success. The FAIR Model is an internationally recognized standard empowering professionals to quantify risk into financial values ..read more

The FAIR Institute introduced in 2023 theFAIR Materiality Assessment Model (FAIR-MAM ™) a step change in quantifying loss magnitude for FAIR cyber risk analysis. FAIR-MAM enabled analysts to gather loss data at a granular level that ensured a high level of accuracy – and store it in an always available repository, ready for reporting the impact of a data breach or other loss event in a defensible format that could stand up to scrutiny by regulators ..read more

Bottom-line advice from a panel of experts at the recent FAIR Institute Europe Summit in Paris on complying with the EU’s new cyber resilience regulations, the NIS2 Directive and DORA: Prioritize on a  proportional response with a risk management approach ..read more

Congratulations, you launched a risk analysis and management initiative based on Factor Analysis of Information Risk (FAIR™).  You lined up an executive sponsor, wangled some staff, hopefully set out a road map with a CRQ program charter and posted in the window a menu of CRQ services your team stands ready to provide ..read more

  ..read more

  ..read more

The recent ransomware attack on Change Healthcare, operator of the biggest medical claims processor in the US, was a nightmare scenario of third-party risk. Medical practices serving 131 million patients were cut off from revenue for two weeks or more, driving many close to financial collapse. In the same period, Bank of America and American Express reported breaches at third-party vendors ..read more