Using FAIR-MAM, the FAIR Materiality Assessment Model, the FAIR Institute ran a reality check on the costs reported by UnitedHealth Group for the massive ransomware attack on its Change Healthcare payments processing subsidiary on February 21, 2024. Our finding: The reported costs could be short by a factor of two from the probable total costs of the incident ..read more

The FAIR Institute recently introduced the FAIR Third Party Assessment Model (FAIR-TAM™), a new addition to the FAIR family of standards and models, created to shine light on the big blind-spot in cyber security, the loss exposure lurking unseen among supply chain partners or vendors.  ..read more

Expect to have your outlook on tech, cyber, AI, risk, the economy, and even your career path expanded when John Chambers, the outspoken former Executive Chairman and CEO (and current Chairman Emeritus) of Cisco, takes the stage to keynote the2024 FAIR Conference, October 1 & 2 at the Fairmont Hotel, Washington, DC ..read more

Tuesday, May 7, 2024, the FAIR Institute and our technical adviser Safe Security are hosting a happy hour with a purpose: to brief attendees at the 2024 RSA Conference on the latest compelling developments in scaling and automating FAIR, the standard for cyber risk quantification ..read more

SEC disclosure regulations in the US, NIS2 impact statements for cyber events in Europe – the regulatory trend is clear: companies must quantify the financial impact of cybersecurity risk and disclose when risk hits material levels.  The FAIR Institute developed the FAIR Materiality Assessment Model (FAIR-MAM™) as a defensible method to collect and analyze impact data and determine materiality ..read more

You could almost feel the future closing in at the recent FAIR Institute Europe Summit, where a panel of cyber risk experts from different disciplines gave some very timely tips and warnings about the AI wave about to hit business and government.  ..read more

The FAIR Institute welcomes members of the vast tech industry talent pool in India to join our new local chapter, officially launched recently with a well-attended meeting in Mumbai. The Institute now counts around 20 chapters and 15,000 members around the world, sharing best practices in FAIR (Factor Analysis of Information Risk) that empower risk professionals to collaborate with their business partners on balancing protection of the organization with advancing the business. Learn more about FAIR.  ..read more

We get the question frequently these days: “What’s new and different about Generative AI risk?” We can analyze GenAI risk with our trusty FAIR model, but with new vectors, new threats and new loss categories. So, practically speaking, the short answer is: “It’s a completely new and different risk ..read more

In today's dynamic business landscape, understanding and quantifying risk are paramount for organizational success. The FAIR Model is an internationally recognized standard empowering professionals to quantify risk into financial values ..read more

The FAIR Institute introduced in 2023 theFAIR Materiality Assessment Model (FAIR-MAM ™) a step change in quantifying loss magnitude for FAIR cyber risk analysis. FAIR-MAM enabled analysts to gather loss data at a granular level that ensured a high level of accuracy – and store it in an always available repository, ready for reporting the impact of a data breach or other loss event in a defensible format that could stand up to scrutiny by regulators ..read more