The FAIR Institute

The FAIR Institute is a non-profit professional organization dedicated to advancing the discipline of measuring and managing information risk, based on the FAIR standard.

It provides information risk, cybersecurity and business executives with the standards and best practices to help organizations quantify, manage and report on information risk from the business perspective.

The FAIR Institute and its world-wide community of thousands focus on innovation, education and on the development and sharing of best practices to advance quantitative risk analysis and the information risk management profession.

A Global Movement

85 Countries Around 5 Continents

FAIR Institute members span the globe. They are part of organizations located in 85 countries, making this a truly international movement.

Industry Leaders

Across the Fortune 1,000

8 out of 10 of the Fortune 10, 75% of the Fortune 50, 30% of the Fortune 100 and nearly 30% of the Fortune 1,000 have members in The FAIR Institute.

Local Support

Chapters around the World

The FAIR Institute has several local chapters around the world. These chapters meet quarterly to exchange best practices, share insights and help promote broader adoption of the FAIR model.

RiskLens and The FAIR Institute

Partnering to Revolutionize Cyber Risk Management

RiskLens is the founder and technical advisor of the FAIR Institute, an expert non-profit organization led by Chief Information Risk Officers, CISOs and business executives to develop standard information risk management knowledge and operational best practices based on FAIR.

As Technical Advisor to the FAIR Institute, RiskLens is committed to the development and adoption of standard cyber risk quantification and management practices and helps its members by:

  • Sharing expertise on FAIR topics that leverage the experience of live implementations in the Fortune 1,000
  • Showing how other companies are leveraging cyber risk quantification to improve their risk analytics and decision-making capabilities
  • Connecting them with other FAIR Institute members or other practitioners based upon their information needs
  • Providing online and on-site training via The RiskLens Academy
  • Reviewing their cyber risk maturity to create an accelerated cyber risk management roadmap
  • Providing access to experts in cyber risk management and other aspects of the FAIR methodology

The Book Behind the Model

Read by Thousands Around the World

RiskLens Co-Founder and Chief Risk Scientist Jack Jones is the author of  “Measuring and Managing Information Risk: A FAIR Model,” the book that launched the FAIR movement.

Written in clear, non-technical language, the book describes a practical and credible framework for understanding, measuring and analyzing information risk of any size and complexity.

Measuring and Managing Information Risk was inducted into the Cybersecurity Canon in 2016, as a must-read text for risk professionals.


Buy the Book


FAIRCON is The FAIR Institute’s annual community conference. It brings together hundreds of leading thinkers in security and risk for multiple days of sharing and collaboration.

Register for FAIRCON 19


FAIRCON is The FAIR Institute’s annual community conference. It brings together hundreds of leading thinkers in security and risk for multiple days of sharing and collaboration.

Register for FAIRCON 19

"FAIR is a quantifiable, repeatable methodology that has a proven model behind it that is actually relevant to our business...we can actually articulate risk and threat likelihood and consequences, it gets us in a good position as a trusted adviser to the board."

Grant Bourzikas, CISO at McAfee

"I think that FAIR is just a phenomenal program for being able to develop a consistent and rigorous methodology to reason about and measure and mitigate your cyber risk."

Zulfikar Ramzan, CTO at RSA

"When virtually every aspect of the business is quantitative...having the CISO give red/yellow/green heat maps is debilitating to decision-making."

Jack Jones, Creator of FAIR and Co-Founder at RiskLens

"If CISOs push back on quantifying potential loss, I find that unacceptable as a board director. CISOs need to advance."

James Lam, Director, E*Trade

Request a Demo

RiskLens is the world leader in helping organizations quantify and manage cyber risk. Contact us today and we'll give you a demo of the RiskLens Platform.

Request a Demo