RiskLens Blog

Talking Cyber Risk Analysis to Skeptical Executives

Posted June 12, 2017 by Jack Jones

One of the reasons I love attending local FAIR Institute chapter meetings around the country is that I invariably get asked questions that prompt ideas for this blog site. For example, in a recent meeting a gentleman said that he believed executives would be skeptical of numbers in cyber risk assessment and prefer simpler red/yellow/green representations of risk.

... Continue Reading

What Mary Meeker Missed about Cloud Security

Posted June 7, 2017 by Jeff B. Copeland

When Mary Meeker speaks, Silicon Valley listens. Last week, the Valley’s most respected forecaster (and partner at venture capitalist firm Kleiner Perkins), presented her annual lnternet Trends report for 2017, a 355-slides extravaganza of predictions.

... Continue Reading

Join Jack Jones & RiskLens at Cyber Risk North America in NYC June 20-21

Posted June 5, 2017 by Tiziana Barrow

Meet with prominent cyber risk players and peers to discuss the challenges and opportunities related to cyber risk at Cyber Risk North America 2017, the financial sector's specialist forum for improving cyber security risk management.

... Continue Reading

[FREE eBook]: An Executive's Guide to Cyber Risk Economics

Posted May 24, 2017 by Vanessa McCoy

We are pleased to introduce our latest free resource: an eBook written by Jack Jones, creator of the FAIR model and the foremost authority in the field of information risk management. At RiskLens, we found that all too often, cyber risk officers are not equipped with the right tools to earn themselves a seat at the business table. 

... Continue Reading

Guarding the Galaxy Against Supervillains: A FAIR Risk Analysis

Posted May 23, 2017 by Tim Wynkoop

I frequently hear from clients that they'd like to perform a FAIR risk analysis on more than just information risk or cyber risk.  They want to be able to perform more of an operational risk analysis.  Thankfully, FAIR (that’s Factor Analysis of Information Risk, the model that powers RiskLens) is flexible enough that you can do just that.  I have enlisted the help of my friends at Marvel to show how easy it is to perform a FAIR analysis on just about anything, including operational risk–just for fun, let’s say, on guarding the galaxy.   

... Continue Reading

How I Analyzed the Top 10 Cybersecurity Risks for a Financial Institution (a Deep Dive)

Posted May 19, 2017 by Cody Whelan

For a few weeks now in blog posts, I’ve referenced the Top 10 cybersecurity risk analysis I conducted with RiskLens for a financial institution customer (see In a Top 10 Risks Analysis, Get These Two Factors Right).  Now that anticipation is at a peak, I figured I would provide my overview, along with some key insights to each risk-analysis scenario.  

... Continue Reading

Prepare for the Next Ransomware Epidemic with a FAIR Analysis

Posted May 15, 2017 by Jeff B. Copeland

In the largest ransomware attack ever, the WannaCry (or WannaCrypt or Wana Decryptor) malware has spread to 150 countries in a few days, freezing computer systems from FedEx in the US to phone companies in Spain and Russia. In Britain, National Health Service (NHS) hospitals had to turn away patients from emergency rooms.

... Continue Reading

5 Questions Boards Should Ask About Cyber Risk [Infographic]

Posted May 11, 2017 by Jack Jones


There is growing concern that corporate boards and senior executives are not prepared to govern their organization’s exposure to cyber risk. While true to some degree, executive management can learn to identify and focus on the strategic and systemic sources of cyber risk, without becoming distracted by complex technology-related symptoms, by understanding the organization’s ability to make well-informed decisions about cyber risk and reliably execute those decisions.

... Continue Reading

Field Guide to Cyber Threats: Watch Out for These 7 Beasts

Posted May 10, 2017 by Rebecca Merritt

Hacktivists, insiders with a grudge, nation-state actors: It’s a cyber-threatening jungle out there. But take a deep breath: By applying the FAIR model (that’s Factor Analysis of Information Risk), you can get a clear picture of what’s truly a cyber threat to your business, and start to plan a rational defense.

... Continue Reading

What Is FAIR Training?

Posted May 3, 2017 by Tim Wynkoop

FAIR training is a unique opportunity to obtain an in-depth look at how Factor Analysis of Information Risk (FAIR) really works. FAIR is the model that powers the RiskLens platform. It’s a beautifully logical way to understand risk by breaking it down into component parts. This enables organizations to quantify risk, that is, communicate risk in financial terms. We really enjoy spreading the word on the power of FAIR - you might even say we’re on a mission.

... Continue Reading

Sign Up for Blog Updates