RiskLens and the FAIR risk model are change agents in the world of cyber risk management and the most popular blog posts we published in 2018 are a leading indicator of where the movement is heading. Take a look at the Top 10, by page views:
By far, the best read post of the year – the powerful regulatory agency set a new disclosure standard by which the 'costs' or losses associated with cyber risks and breaches need to be assessed in monetary terms, requiring public companies to make a serious move to cyber risk quantification.
This well-used tool is almost a symbol of qualitative, take-a-guess cyber risk reporting but, as this blog post shows, “you can build a heat map on a solid foundation of objective, quantitative analysis,” clearly good news to our blog readers.
Drawing on her experience as an auditor, RiskLens Risk Consultant Taylor Maze tells her former brethren how they can improve their jobs by taking a broader look at controls from the point of view of risk to their organizations.
Important recognition from the leading technology analyst firm. Gartner listed "Risk Quantification & Analytics" as part of five critical capabilities of IRM. If you're not quantifying, you're not truly evaluating cyber risk, Gartner said.
More recognition for the quantitative cyber risk analytics movement, this time from the leader in financial media. “Companies are moving to deploy methods to calculate the financial impact of cyber threats,” the Journal writes in a profile of the FAIR program at Charles Schwab. “Analysts say FAIR is gaining traction, especially among large corporations that already have experience with cyber risk analysis.”
This post performed well on Google, indicating high interest in the world of risk management for an approach to cyber risk on a par with other risk disciplines, where results rendered in financial terms are the norm. Probably a lot of folks learned about FAIR for the first time by landing on this blog post. Welcome to the movement.
This personal journey by RiskLens Risk Consultant Tim Wynkoop from an analyst at financial institutions frustrated with illogical, qualitative risk measurement to a believer in the quantitative method, struck a chord with many readers.
“I see RiskLens as the right product at the right time,” James said. “The demand is there, and in terms of value, I think it’s best in class. The association with the FAIR Institute gives the company a distinct advantage in terms of having a widely accepted risk quantification methodology.”