The FAIR risk assessment methodology aims to find cybersecurity vulnerabilities within a system. Factor Analysis of Information Risk (FAIR) is a framework that provides defense against online threats by using mathematical concepts of precision and accuracy.
Category: Compliance Standards
Staying informed about all of the cyber security compliance standards is essential to keeping your company safe from hackers. Read on to learn about the various steps you can take to stay up to date with your industry’s compliance standards.
-

Top 5 Industries That Need The CIS Security Control Framework
The introduction of new technologies has put many industries on the back foot when it comes to cybersecurity. The CIS critical security controls framework addresses the issues that industries face when it comes to best practice cybersecurity.
-

How To Avoid GDPR Fines and Penalties
With record-breaking GDPR fines and penalties reaching 50 million euros, it might be time to revise your GDPR compliance strategy.
-

Top Critical Security Controls for Effective Cyber Defense
As technology evolves and advances, cybercriminals are becoming increasingly sophisticated. According to a cybercrime report, there’s a hacker attack every 39 seconds. The impact of a cyberattack on any company can be devastating, so companies need to pay serious attention to critical security controls for effective cyber defense.
-

The Best Cybersecurity Tools for CIS CSC Compliance
To strengthen the defense of your organization’s network system, you need effective cybersecurity assessment tools that can help you achieve compliance with relevant cybersecurity regulations. Thanks to the power of the web and the internet, the world has grown smaller and closer in reach. On the other hand, however, cyberattackers have also grown more sophisticated in their perpetration of cybercrimes and data breaches.
-

How to Map CIS Controls v7.1 to NIST CSF
Earlier this year, the Center for Internet Security (CIS) released the newest edition of their Critical Security Controls, CIS Controls v7.1. For many institutions, the implementation of these new protocols requires adaptation to other frameworks and compliance obligations, like mapping onto the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF).
-

NIST 800-171 Implementation Guide for Small-Medium Sized Businesses
Any business owner who wants to work with the Department of Defense (DOD) has to ensure their organization is secured against cybercrime. While even large firms can have trouble keeping up with safety rules and regulations, it’s uniquely burdensome for smaller companies with modest IT budgets. That’s why we’ve put together this dedicated NIST CSF and NIST 800-171 implementation guide targeted specifically at small to medium businesses.
-

How is Risk Exposure Calculated in FAIR?
The quantification of risk has been rising in popularity in cybersecurity circles over the past couple of years, as reported by the Wall Street Journal. However, WSJ’s report leaves out one of the most impactful measures for risk: Factor Analysis of Information Risk (FAIR) analysis, the only internationally recognized standard for quantifying risk. The FAIR Institute has developed a robust system of risk management based entirely on quantifications. So, how is the risk exposure calculated in FAIR?
-

What Is a FAIR Lending Risk Assessment?
Risk is a key consideration in every element of a financial institution’s business model. Actuarial scientists develop financial risk models that shape banks’ products and services, from savings accounts to loans. And then, of course, security risks shape the ways in which banks safeguard their physical and digital assets and resources. Finally, on a slightly less obvious front, FAIR lending risk assessments also play a vital role in ensuring a financial institution’s long-term health.
-

Tools for Conducting a PIPEDA Self-Assessment
With a flood of new, Canadian government-enforced compliance standards holding organizations accountable, Canada offered its contribution with a 2018 update to the Personal Information Protection and Electronic Documents Act. Since then, organizations doing business with Canadian consumers have taken advantage of various PIPEDA self-assessment tools.
