Welcome to the CXOWARE blog. We hope you’ll join us for lively and good natured discussion about risk and risk issues!  We’re risk geeks, plain and simple. We’re big advocates of the Factor Analysis of Information Risk (FAIR) framework for quantifying risk.

To Be FAIR About It

By: Jack Jones

Find me on:

I came up with something useful to post about the other day, only to wonder whether I’d already posted about it sometime ago. (It turns out I had, mostly.) But in the search through past posts, three things became clear:

  • I really haven’t had that many posts. Alex was prolific, and Jack Freund and Ryan have added some excellent ones too
  • I needed a simple reference so that I could avoid repeating myself on topics
  • There doesn’t appear to be a simple way for someone to find my past posts

So, I decided to put all of my past posts (at least the ones I thought were decent) into a single reference . I’ve posted that reference to the resources page of the RMI website in case someone (my family, maybe) wanted to browse my past posts without digging through an entire blog site. In case you’re wondering, it contains only twenty-five posts. Twenty-five out of a total 388 posts to-date on this site.

Don’t, however, think for a moment that these represent the best posts on this site. They aren’t — not by a long shot. They’re just the ones I’ve contributed.

About The Author

Jack Jones
Jack Jones is the EVP of R&D and a Founder of RiskLens. He has worked in technology for over 30 years, the past 28 years in information security and risk management. He has a decade of experience as a Chief Information Security Officer (CISO) with three different companies, including a Fortune 100 financial services company. His work there was recognized in 2006 when he received the Information Systems Security Association (ISSA) Excellence in the Field of Security Practices award. In 2007, he was selected as a finalist for the Information Security Executive of the Year, Central United States, and in 2012, he was honored with the CSO Compass Award for leadership in risk management. Jones, who lives in Spokane, Washington, has served on the ISACA CRISC Certification Committee and RiskIT Task Force, as well as the ISC2 Ethics Committee. He is the author and creator of the Factor Analysis of Information Risk (FAIR) framework. He writes about that system in his book Measuring and Managing Information Risk: A FAIR Approach, which was inducted into the Cyber Security Canon in 2016, as a must-read in the profession.