The quantification of risk has been rising in popularity in cybersecurity circles over the past couple of years, as reported by the Wall Street Journal. However, WSJ’s report leaves out one of the most impactful measures for risk: Factor Analysis of Information Risk (FAIR), the only internationally recognized standard for quantifying risk. The FAIR Institute has developed a robust system of risk management based entirely on quantifications. So, how is the risk exposure calculated in FAIR?
Blog
-

How to Analyze a Cyber Risk Assessment Report
Evaluating and managing risk is the cornerstone of a security leader’s role. To manage risk effectively, you need to know how to analyze a cyber risk assessment report. A risk assessment is a thorough look at everything that can impact your security and the likelihood of that event happening.
-

What Is a FAIR Lending Risk Assessment?
Risk is a key consideration in every element of a financial institution’s business model. Actuarial scientists develop financial risk models that shape banks’ products and services, from savings accounts to loans. And then, of course, security risks shape the ways in which banks safeguard their physical and digital assets and resources. Finally, on a slightly less obvious front, FAIR lending risk assessments also play a vital role in ensuring a financial institution’s long-term health.
-

Tools for Conducting a PIPEDA Self-Assessment
With a flood of new, Canadian government-enforced compliance standards holding organizations accountable, Canada offered its contribution with a 2018 update to the Personal Information Protection and Electronic Documents Act. Since then, organizations doing business with Canadian consumers have taken advantage of various PIPEDA self-assessment tools.
-

Overview of CMMC Level 5 Requirements
Welcome to the fifth and final installment of our series on the Cybersecurity Maturity Model Certification (CMMC), a framework required for companies contracting with the US Department of Defense (DoD). In this guide, we’ll break down everything you need to know about CMMC Level 5. For information about other levels of the CMMC, see our guides to levels 1, 2, 3, and 4.
-

Overview of CMMC Level 4 Requirements
Welcome to the fourth installment of our series on the Cybersecurity Maturity Model Certification (CMMC), a framework required for companies contracting with the US Department of Defense (DoD). In this guide, we’ll break down everything you need to know about CMMC Level 4. For information about other levels of the CMMC, see our guides to levels 1, 2, 3, and 5.
-

Cybersecurity Best Practices for Telemedicine
The telemedicine market is booming. Current expectations forecast the U.S. market alone will exceed $46 billion by 2025. Soon, every major healthcare network will offer patients some form of telehealth services. And with the onset of this new technology, security safeguards for telemedicine are an absolute necessity.
-

What Are PIPEDA’s Breach Notification Requirements?
Canada sets the pace in the protection of personal data and national data security law. This is reflected in the enactment of the Personal Information Protection and Electronic Documents Act (PIPEDA). PIPEDA’s breach notification requirements are important for businesses situated in Canada.
-

What is Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA)?
If your company does business in Canada, it needs to be familiar with the Personal Information Protection and Electronic Documents Act (PIPEDA). The country’s federal privacy act covers all private-sector organizations that collect, disclose, or use personal information. The law not only applies to companies in Canada but also to international businesses.
-

Top CIS CSC Cybersecurity Best Practices
Cybersecurity is an important aspect of business that organizations all over the world are beginning to pay attention to. Although organizations usually adopt their own strategic measures to handle and shield their networks from potential cyberattacks, many of these measures are often inadequate. To guarantee maximum protection against shifting cyber threats, every organization needs to stay abreast of cybersecurity best practices.
