Webinar: Overcome Challenges in Adopting FAIR™ and Quantitative Risk Management

In this 30-minute webinar, RiskLens Risk Consultant Tyler Britton tells how RiskLens helped one client (a Fortune 500 financial firm) work through the corporate-culture challenges that many organizations face in in stepping up to FAIR™, quantitative risk management and a risk-based approach to cybersecurity.


Watch the webinar now: “Case-Study – How One Organization Overcame its Challenges Adopting FAIR” – Fill out the form below.


Tyler’s overall advice: Stick to the FAIR process and it ultimately will see you through.  Some of the challenges he covers in this webinar:

Lack of strategic focus on a clear value proposition for an analysis program

Solution: The organization was interested in decision support for large scale change management, such as moving critical systems to the cloud. RiskLens consultants helped focus smaller projects on that larger goal. As Tyler says, “build a long-term use case when starting and continually reinforce that as you go.”

Hyper focus on objectivity – more data means a more valid analysis – to the point of analysis paralysis.  

Solution: The risk team needed training on the FAIR concept that more data is not necessarily better; what matters is having a useful amount of data that’s also defensible for its relevance to the analysis.

Seeking single point estimates instead of ranges.  

A key teaching of FAIR is that precise estimates are typically precisely wrong. FAIR looks for analysis results that are accurate within a range, a more useful output for decision-making as it reflects probable outcomes and accounts for uncertainty. Part of the educational process here is teasing out of subject matter experts their estimates in ranges for low/high/most likely frequency or impact of loss events.

Ultimately, the organization saw success in presenting a new, quantitative risk report to the board of directors, and also found success with:

  • The Rapid Risk Assessment capability of the RiskLens Platform, a good hybrid between their existing qualitative approach and the new quantitative approach.
  • Starting with a limited set of use cases for FAIR analysis and expanding over time

If you’re dealing with these kinds of mindset challenges, you’ll want to hear more of Tyler’s advice. As he says “the challenges may not be obvious” and “tact and perseverance go a long way.”


Watch the webinar now: “Case-Study – How One Organization Overcame its Challenges Adopting FAIR” – Fill out the form below.

In this 30-minute webinar, RiskLens Risk Consultant Tyler Britton tells how RiskLens helped one client (a Fortune 500 financial firm) work through the corporate-culture challenges that many organizations face in in stepping up to FAIR™, quantitative risk management and a risk-based approach to cybersecurity.

Tyler’s overall advice: Stick to the FAIR process and it ultimately will see you through.  Some of the challenges he covers in this webinar:

Lack of strategic focus on a clear value proposition for an analysis program

Solution: The organization was interested in decision support for large scale change management, such as moving critical systems to the cloud. RiskLens consultants helped focus smaller projects on that larger goal. As Tyler says, “build a long-term use case when starting and continually reinforce that as you go.”

Hyper focus on objectivity – more data means a more valid analysis – to the point of analysis paralysis.  

Solution: The risk team needed training on the FAIR concept that more data is not better, what matters is having a useful amount of data that’s also defensible for its relevance to the analysis.

Seeking single point estimates instead of ranges.  

A key teaching of FAIR is that precise estimates are typically precisely wrong. FAIR looks for analysis results that are accurate within a range, a more useful output for decision-making as they reflect probable outcomes and account for uncertainty. Part of the educational process here is teasing out of subject matter experts their estimates in ranges for low/high/most likely frequency or impact of loss events.

Ultimately, the organization saw success in presenting a new, quantitative risk report to the board of directors, and also found success with:

  • The Rapid Risk Assessment capability of the RiskLens Platform, a good hybrid between their existing qualitative approach and the new quantitative approach.
  • Starting with a limited set of use cases for FAIR analysis and expanding over time

If you’re dealing with these kinds of mindset challenges, you’ll want to hear more of Tyler’s advice. As he says “the challenges may not be obvious” and “tact and perseverance go a long way.”

Let's Talk About Your Cyber Risk in Business Terms

RiskLens is leading a revolution in the way cyber risk is assessed, measured and managed by bringing to market a Software as a Service solution that makes cyber risk quantification a reality.
We help organizations translate cyber risk from the technical into the economic language of business

Schedule a Demo