Among the events RSA scheduled centering on FAIR:
Off-campus, the FAIR Institute’s annual breakfast meeting featured speakers from Fannie Mae and Ascena Retail, discussing their quantified risk management program implementations (see the Institute’s blog post on the breakfast for details). The RiskLens Academy ran a well-attended two-day FAIR Fundamentals course.
Meanwhile, the RiskLens crew was all fully scheduled with client and prospect meetings, talking up the newly introduced RF-EM.
The meetings offered a good cross section of the current thinking on the state of risk management, and here are the takeaways from RiskLens CEO Nick Sanna:
“I’ve been in meetings with industry leaders in security, IRM, risk ratings, third party risk management vendors and application security vendors."
“They are getting requests that the value of their solutions be articulated in business terms."
“All of these categories are coming to the conclusion that cyber risk management in the future will be quantitative and the model that will be used in the future is FAIR and the best platform to do quantitative cyber risk management at scale is RiskLens."
“This is leading us to consider integrating with many of these players over the course of the next year, and ensure that quantitative risk assessments become embedded in wider cybersecurity strategies.”
RiskLens already is integrated into leading GRC and IRM platforms – that’s Orion Suydam, Vice President of Product in the photo demonstrating the RiskLens-ServiceNow integration at RSAC 2020 – but stay tuned.