The Impact of FAIR on Risk Management with Jack Jones | Razorthorn Security
Welcome to Razorwire, the podcast that cuts through cybersecurity and risk management complexities. Host Jim welcomes Jack Jones, creator of the FAIR risk methodology, for an in-depth discussion on how his approach has transformed information security risk perception and management.
Jack shares his journey from facing scepticism to global recognition, detailing the development of FAIR and its impact on the industry. He also previews his upcoming book on the controls analytics model, exploring the future of risk management and FAIR's role in advancing cybersecurity practices.
Key Highlights:
Demystifying FAIR: Insight into Jack Jones's pioneering FAIR risk methodology, its global adoption, and its role in simplifying risk management.
Overcoming Challenges: Jack's narrative of overcoming industry resistance to establish a new risk assessment paradigm, now embraced by the FAIR Institute and Open FAIR standard.
Beyond Cybersecurity: The adaptability of FAIR across various sectors, showcasing its broad applicability and future potential.
This episode is essential for cybersecurity professionals looking to refine their risk management approach. Dive into the insights and stories from the field's frontrunners on Razorwire.
Episode Topics:
FAIR Risk Methodology: Simplifying risk management by addressing subjective probability factors.
Development Journey: The origins and inspirations behind FAIR.
Industry Acceptance: From initial pushback to global adoption and the founding of the FAIR Institute.
Future Directions: Discussing FAIR's expansion beyond cybersecurity and advancements in risk quantification.
Guest Bio:
Jack Jones, with 35+ years in information security, including roles as a CISO, has significantly contributed to the field, recognised by ISSA and CSO Compass awards. He led the development of ISACA’s CRISC certification and teaches at Carnegie Mellon University. Jack created FAIR, adopted as an international standard, and co-authored a book on the methodology, inducted into the Cyber Security Canon.
More Episodes:
Cybersecurity in 2024: https://www.razorthorn.com/cybersecurity-in-2024-expert-predictions-you-need-to-know/
Cyber Mercenaries and Governments: https://www.razorthorn.com/the-rise-of-cyber-mercenaries-governments-secret-weapons-in-cyber-warfare/