The FAIR Institute, a non-profit organisation advancing Factor Analysis of Information Risk (FAIR), the international standard for cyber and operational risk analysis and quantification, has reached the milestone of 10,000 members in under five years.
Institute members come from 118 countries and represent 40 percent of Fortune 1000 companies and 25 percent of Forbes Global 2000 organisations. Members also represent 20 different US federal agencies and participate in 23 local chapters around the world. In 2019, the FAIR Institute was recognised by SC Magazine as one of the three most influential security industry associations of the last 30 years.
It’s been a year of growth and recognition for FAIR and the FAIR Institute. In 2020, the National Institute of Standards and Technology (NIST) recommended risk quantification and FAIR in a new standard for integrating cybersecurity with ERM (NISTIR 8286). The Committee of Sponsoring Organisations (COSO) issued its first guidance document on applying the widely used COSO ERM Framework to cyber risk management and recommended the use of FAIR, and the National Association of Corporate Directors (NACD) Cyber Risk Oversight Handbook also endorsed the use of quantitative risk models including FAIR.
Also in 2020, the FAIR Institute and HITRUST launched an effort to integrate FAIR with the HITRUST CSF, the cybersecurity controls framework in use at hundreds of thousands of organisations. More than 2,000 risk, security and business management professionals attended the 2020 FAIR Conference, the premiere global quantitative risk management conference, a record attendance figure, and more than 1,000 risk professionals learned to apply FAIR risk quantification at Institute-sanctioned training courses.
FAIR Institute founder and president Nick Sanna said: “The FAIR Institute’s growth to 10,000 members and its transformational impact in the risk management industry exceeded our wildest expectations.
“It is a sign of the growing need for organisations to factor risk in business decision-making, especially at a time when many are accelerating digital transformation initiatives and asked to reduce cost at the same time.
“I am very grateful for the generous contributions provided by our members and sponsor organisations and we look forward to continuing to work for the advancement of the risk profession and the establishment of internationally recognised and standard risk modelling and quantification practices.”
FAIR Institute, Cyber, Risk Management, Insurance, Reinsurance, Nick Sanna, North America