Posted February 8, 2019 by Jeff B. Copeland
In an article “Looking for a Magic Number”, Kim S. Nash of The Wall Street Journal’s WSJ Pro Cybersecurity newsletter (subscription required) writes that “everyone wants a gauge but none exists” to set a cybersecurity program budget.

Posted January 2, 2019 by Luke Bader
At the recent FAIR Conference at Carnegie Mellon University that drew a record turnout from around the world, we heard one message repeated many ways – the movement toward a rational, data-driven, model-based approach to cyber risk (and away from qualitative, guesswork approaches) is growing fast.

Posted December 27, 2018 by Jeff B. Copeland
RiskLens and the FAIR risk model are change agents in the world of cyber risk management and the most popular blog posts we published in 2018 are a leading indicator of where the movement is heading. Take a look at the Top 10, by page views:

Posted December 12, 2018 by Jeff B. Copeland
For a leading indicator on where the cybersecurity industry is trending, scan the lineup of topics for sessions at the annual RSA Conference, coming in 2019 on Monday-Friday, March 4-8, in San Francisco. The agenda is just out and it looks like 2019 is shaping up as a year of heightened interest in a risk-based approach

Posted October 31, 2018 by Jeff B. Copeland
In an article just published on the SecurityWeek website, Communication Is Broken Between CISOs and the Rest of the Business, RiskLens CEO Nick Sanna takes CISOs to task for failing to upgrade their communication skills, as senior management and boards increasingly focus on cybersecurity concerns.

Posted October 26, 2018 by Jeff B. Copeland
In a recent survey of board members by PwC, 82% said that cyber threats had moved from an IT issue to one that would drive overall strategic change for their companies. It’s an evolutionary change in board attitudes

Posted October 18, 2018 by Jeff B. Copeland
The Journal’s WSJ Pro Cybersecurity’s Cyber Daily newsletter took a look at Charles Schwab Corp.’s rollout of Factor Analysis of Information Risk, the FAIR model that powers the RiskLens platform – and liked what it saw.

Posted October 9, 2018 by Jeff B. Copeland
Corporate governance expert and RiskLens board member James Lam tells the Wall Street Journal’s Cyber Daily (subscription required) that CISOs and CIOs should stop reporting on cyber risk with “silly” metrics like attempted malware attacks

Posted September 28, 2018 by Isaiah McGowan
As an industry we have a history of focusing on things around risk but not explicitly addressing risk; when we do that we are NOT doing “risk-based” anything.

Posted September 21, 2018 by Teresa Suarez
Bias. Discrimination. Unfairness. What do all three words have in common? I’ll give you some hints, they all:
- Have negative connotations
- Exhibit prejudices
- Could be attributed to heat maps