FAIR

Place Information Risk Accountability at the Right Level

Published March 7, 2020 | By Dan Blum

Too often, information risk accountability isn’t at the right level due to poor alignment between security and business leaders. It’s time to transform the way we communicate risk to the business. When the security program struggles with an issue, bring… Continue reading →

Posted in Dan Blum, Rational Cybersecurity | Tagged accountability, corporate risk accountability, enterprise risk management, ERM, Factor Analysis of Information Risk, FAIR, information risk, rational cybersecurity, risk, risk management

FAIRCON Showcases Quantitative Risk Analysis on the Cusp of Adoption

Published November 4, 2018 | By Dan Blum

At FAIRCON 2018, keynote speakers described FAIR as a quantitative risk analysis “movement” to change the way industry measures and manages risk. Deep, ongoing frustration in business and government circles with the seeming inability of increased cybersecurity spending to stop… Continue reading →

Posted in Dan Blum | Tagged FAIR, risk, risk analysis, risk assessment, risk management

Open FAIR Complements Risk Management Programs

Published August 6, 2018 | By Dan Blum

Open Factor Analysis of Information Risk (Open FAIR) from the Open Group is the industry standard for quantitative risk assessment, and the first successful methodology of this kind. Open FAIR consists of a Risk Taxonomy Technical Standard … Continue reading →

Posted in Dan Blum | Tagged FAIR, risk management

May Calendar: Richmond IAM Users Group, DC FAIR Chapter, and European Identity Conference

Published April 29, 2018 | By Dan Blum

April showers, May flowers. A busy April is drawing to a close. We are back from RSA, and left one post so far on the KuppingerCole web site. Another is expected soon on “Passwordless Authentication? FIDO, Finally, Almost…”

RSA’s 2018… Continue reading →

Posted in Coming Events | Tagged FAIR, IAM, IAM UG, KuppingerCole, OAuth, risk management

Attending DC FAIR Insititute Chaper Meeting on February 2nd

Published January 27, 2018 | By Dan Blum

FACTOR ANALYSIS OF INFORMATION RISK (FAIR) INSTITUTE DC CHAPTER MEETING INFORMATION

When: Friday, February 2^nd from 8:30 am to 10:00 am
Where: Evolver Inc. (1943 Isaac Newton Square, Suite 260 Reston, VA 20190)
REGISTER

We are just a… Continue reading →

Posted in Coming Events | Tagged FAIR, risk management

How to Build Security and Risk Management into Agile Environments

Published October 20, 2017 | By Dan Blum

Agile security and risk management are possible. This post is the third of three covering agile security challenges, opportunities, and good practices. It also discusses the taxonomy and instrumentation required to operationalize an agile risk management framework down to the… Continue reading →

Posted in Dan Blum | Tagged agile, agile risk management, Devops, DevSecOps, FAIR, risk management, UNCC

Speaking on Third Party Risk at the FAIR Institute Chicago Chapter Meeting

Published September 23, 2017 | By Dan Blum

Dan Beckett and Dan Blum from Security Architects Partners will be speaking at the Factor Analysis of Information Risk (FAIR) Institute Chicago Chapter meeting.

When: Thursday, October 5, 2017, 3:30 – 5 PM CDT
Where: Northern… Continue reading →

Posted in Coming Events, Dan Blum | Tagged FAIR, risk management