Posted December 5, 2018 by Rebecca MerrittOne thing we learn from Factor Analysis of Information Risk (that’s the FAIR model that powers the RiskLens cyber risk analytics platform) is to take a disciplined approach to our thinking and language about risk.
Posted November 9, 2018 by David MusselwhiteWelcome back to our discussion of the math knowledge required to perform FAIR analyses with the RiskLens platform (spoiler alert: not much).
Posted October 31, 2018 by Leanne ScottAt RiskLens, we study and try to exemplify the principles in The 7 Habits of Highly Effective People by Stephen R. Covey, especially Habit 2: Begin with the End in Mind.
Posted October 8, 2018 by Taylor MazeThere are few things in life that are less fun than exception mitigation due to audit findings. In fact, I have compiled a list: root canals, a weekend trip with your mother in law (here’s hoping she doesn’t read my blogs), and 4:30 p.m. Friday meetings.
Posted October 3, 2018 by David MusselwhiteQuantitative cyber risk analytics using FAIR is an inherently mathematical endeavor. Estimates for the factors of risk (like loss event frequency and loss magnitude) are expressed using probability distributions
Posted September 25, 2018 by Jeff B. CopelandWhat’s the risk from spear-phishing, accidental emailing of customer data or other results of the vulnerabilities caused by humans on your systems? Cybersecurity professionals are often stumped on how to answer
Posted September 4, 2018 by Chelsea BrunsonFAIR risk analyses are great - they allow you to understand cyber risk in dollars and cents. RiskLens is the SaaS platform out there that allows you to conduct true quantitative cyber risk analysis.
Posted August 16, 2018 by Rachel SlabotskyI recently worked with a large financial services organization to analyze a data breach scenario and determine the potential risk reduction (in terms of dollars and cents) that would result from implementing tokenization on key fields within a database cluster containing PII information.
Posted August 7, 2018 by Jeff B. CopelandIf you’re looking for a no-prerequisites introduction to the FAIR model for cyber risk analysis and the RiskLens application for cyber risk quantification that runs on FAIR, take under an hour to listen to Cary Wise, our risk consultant and veteran of introducing FAIR to a long list of businesses like yours.
Posted July 16, 2018 by Taylor MazeIn my experience, being an external auditor is kind of like being a parent. Due to being completely centered around compliance, there are a lot of rules that you must enforce