01:00 PM
Dark Reading
Dark Reading
Products and Releases

Fair Institute To Hold 3rd Annual Fair Conference (Faircon18) At Carnegie Mellon University, Oct. 14 -18, Focused On Advancing Cyber, Operational Risk Management

Carnegie Mellon University's Software Engineering Institute (SEI) and the Heinz College of Information Systems and Public Policy will host the industry's-leading conference focused on managing cyber and operational risk from a business perspective.

RESTON, VA and PITTSBURGH, PA, Feb. 12, 2018—The FAIR Institute, an expert, nonprofit organization led by information risk officers, CISOs and business executives to develop standard information and operational risk management practices, today announced it will hold its flagship event, the 3rd annual FAIR Conference (FAIRCON18), Oct. 14 – 18, on the campus of Carnegie Mellon University in Pittsburgh. Oct.

The FAIR Institute is helping organizations move from a compliance-based approach to cybersecurity toward a business-aligned, risk-driven methodology, leveraging the Factor Analysis of Information Risk (FAIR) standard, the internationally recognized standard for modeling and quantifying information and operational risk. 

FAIRCon18 will be hosted by Carnegie Mellon’s Heinz College and Software Engineering Institute and will bring together global leaders in information technology, cybersecurity, and IT management. The CERT cybersecurity Division of the SEI is the world’s leading trusted authority dedicated to improving the security and resilience of computer systems and networks, and highly regarded as a national asset in the field of information security. Heinz College offers the world’s number one ranked graduate program in Information Security, Policy, and Management, as well as groundbreaking executive education programs for CISOs and Chief Risk Officers.

Building on the success of the first two FAIR Conferences and a surge in FAIR Institute membership, now approaching 3,000 of the world’s leading security, technology and risk leaders, FAIRCON18 will officially expand in format to a multiple day event.

The event will feature in-depth training seminars, insightful presentations from industry leaders, candid executive and practitioner-led discussions and keynotes aimed at driving awareness, knowledge and the development of operational blueprints for building quantitative risk management programs. 

FAIRCON18 will attract C-suite officers and practitioners responsible for information and operational risk management decisions. The event will unite leaders in information and operational risk management to explore FAIR best practices that produce greater value and alignment with business goals. Interested parties are encouraged to register for the event as soon as possible as space is limited. 

To register visit: http://www.fairinstitute.org/faircon18

FAIRCON18 attendees will benefit by:

  • gaining strategic insight on information risk management from industry leaders;
  • learning about real-world implementations from FAIR Champions;
  • understanding how the FAIR standard is breaking down entrenched communication barriers between IT and the business, enabling cost-effective decision-making;
  • networking with industry peers; and
  • availing themselves of optional, in-depth FAIR training courses

About Carnegie Mellon University’s Heinz College

The Heinz College of Information Systems and Public Policy is home to two internationally recognized graduate-level institutions at Carnegie Mellon University: the School of Information Systems and Management and the School of Public Policy and Management. This unique colocation combined with its expertise in analytics set Heinz College apart in the areas of cybersecurity, health care, the future of work, smart cities, and arts & entertainment. In 2016, INFORMS named Heinz College the #1 academic program for Analytics Education. For more information, please visit www.heinz.cmu.edu.

About the FAIR Institute

The FAIR Institute is an expert, non-profit organization led by information risk officers, CISOs and business executives, created to develop and share standard information risk management practices based on FAIR. Factor Analysis of Information Risk (FAIR) is the only international standard analytics model for information security and operational risk. FAIR helps organizations quantify and manage risk from the business perspective and enables cost-effective decision-making. To learn more and get involved visit: www.fairinstitute.org.


Media Contact:

Stephen Ward

VP, Marketing


[email protected]


Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Who Does What in Cybersecurity at the C-Level
Steve Zurier, Freelance Writer,  3/16/2018
Microsoft Report Details Different Forms of Cryptominers
Kelly Sheridan, Staff Editor, Dark Reading,  3/13/2018
New 'Mac-A-Mal' Tool Automates Mac Malware Hunting & Analysis
Kelly Jackson Higgins, Executive Editor at Dark Reading,  3/14/2018
Register for Dark Reading Newsletters
White Papers
Current Issue
How to Cope with the IT Security Skills Shortage
Most enterprises don't have all the in-house skills they need to meet the rising threat from online attackers. Here are some tips on ways to beat the shortage.
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.