RESTON, Va., — The FAIR Institute, an expert, nonprofit organization led by information risk officers, CISOs and business executives to develop standard, quantitative information and operational risk management practices, announced today that membership now surpasses 4,000 people across 87 countries worldwide.
The rapid growth in members – up by more than one-third in less than six months – is an indication of the rising importance global businesses are placing on quantifying cyber and operational risk in economic terms. It adds emphasis to the role that Factor Analysis of Information Risk (FAIR), the only international standard value-at-risk model for cyber and operational risk, plays in making quantitative risk management programs possible. The FAIR Institute educates the security and risk management communities on FAIR through educational programs, the annual FAIR Conference, its website, and thought leadership from FAIR champions and Jack Jones, FAIR Institute Chairman and original author of the FAIR model.
A look at the Institute’s membership base demonstrates the breadth of FAIR’s growing appeal:
According to a recent article in The Wall Street Journal’s WSJ Pro Cybersecurity Newsletter, “Companies are moving to deploy methods to calculate the financial impact of cyber threats. Analysts say FAIR is gaining traction, especially among large corporations that already have experience with cyber risk analysis.”
The membership milestone caps a year of achievements for the FAIR Institute. In 2018:
FAIR Institute Chairman Jack Jones commented, “We are thrilled to see the momentum building behind the FAIR model and to see the Institute grow at such a rapid pace. It speaks volumes to the fact that the information security community is finally abandoning the notion that cyber risk cannot be quantified. We are observing the same trends for operational risk. When virtually every aspect of the business is quantitative, having the CISO or the head of Ops Risk give red/yellow/green heat maps is debilitating to decision making. With the continued growth of the FAIR community and the help of its champions, we are moving closer to the day when businesses can finally see cyber and operational risk through a financial lens and make business decisions accordingly.”
About the FAIR Institute
The FAIR Institute is an expert, non-profit organization led by information risk officers, CISOs and business executives, created to develop and share standard information risk management practices based on FAIR. Factor Analysis of Information Risk (FAIR) is the only international standard analytics model for information security and operational risk. FAIR helps organizations quantify and manage risk from the business perspective and enables cost-effective decision-making. To learn more and get involved visit: www.fairinstitute.org.