← Cybersecurity Alphabet Soup

FAIR

Factor Analysis of Information Risk

governancemedium

A model for quantifying cyber risk in financial terms rather than with qualitative labels like high, medium, and low. It breaks risk down into the frequency of loss events and the magnitude of loss, letting analysts express exposure in dollars. Boards and CISOs use FAIR to prioritize security investments and compare cyber risk against other business risks.

Sources

More in governance