Risk

2/15/2018
01:00 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Fair Institute To Hold 3rd Annual Fair Conference (Faircon18) At Carnegie Mellon University, Oct. 14 -18, Focused On Advancing Cyber, Operational Risk Management

Carnegie Mellon University's Software Engineering Institute (SEI) and the Heinz College of Information Systems and Public Policy will host the industry's-leading conference focused on managing cyber and operational risk from a business perspective.

RESTON, VA and PITTSBURGH, PA, Feb. 12, 2018—The FAIR Institute, an expert, nonprofit organization led by information risk officers, CISOs and business executives to develop standard information and operational risk management practices, today announced it will hold its flagship event, the 3rd annual FAIR Conference (FAIRCON18), Oct. 14 – 18, on the campus of Carnegie Mellon University in Pittsburgh. Oct.

The FAIR Institute is helping organizations move from a compliance-based approach to cybersecurity toward a business-aligned, risk-driven methodology, leveraging the Factor Analysis of Information Risk (FAIR) standard, the internationally recognized standard for modeling and quantifying information and operational risk. 

FAIRCon18 will be hosted by Carnegie Mellon’s Heinz College and Software Engineering Institute and will bring together global leaders in information technology, cybersecurity, and IT management. The CERT cybersecurity Division of the SEI is the world’s leading trusted authority dedicated to improving the security and resilience of computer systems and networks, and highly regarded as a national asset in the field of information security. Heinz College offers the world’s number one ranked graduate program in Information Security, Policy, and Management, as well as groundbreaking executive education programs for CISOs and Chief Risk Officers.

Building on the success of the first two FAIR Conferences and a surge in FAIR Institute membership, now approaching 3,000 of the world’s leading security, technology and risk leaders, FAIRCON18 will officially expand in format to a multiple day event.

The event will feature in-depth training seminars, insightful presentations from industry leaders, candid executive and practitioner-led discussions and keynotes aimed at driving awareness, knowledge and the development of operational blueprints for building quantitative risk management programs. 

FAIRCON18 will attract C-suite officers and practitioners responsible for information and operational risk management decisions. The event will unite leaders in information and operational risk management to explore FAIR best practices that produce greater value and alignment with business goals. Interested parties are encouraged to register for the event as soon as possible as space is limited. 

To register visit: http://www.fairinstitute.org/faircon18

FAIRCON18 attendees will benefit by:

  • gaining strategic insight on information risk management from industry leaders;
  • learning about real-world implementations from FAIR Champions;
  • understanding how the FAIR standard is breaking down entrenched communication barriers between IT and the business, enabling cost-effective decision-making;
  • networking with industry peers; and
  • availing themselves of optional, in-depth FAIR training courses

About Carnegie Mellon University’s Heinz College

The Heinz College of Information Systems and Public Policy is home to two internationally recognized graduate-level institutions at Carnegie Mellon University: the School of Information Systems and Management and the School of Public Policy and Management. This unique colocation combined with its expertise in analytics set Heinz College apart in the areas of cybersecurity, health care, the future of work, smart cities, and arts & entertainment. In 2016, INFORMS named Heinz College the #1 academic program for Analytics Education. For more information, please visit www.heinz.cmu.edu.

About the FAIR Institute

The FAIR Institute is an expert, non-profit organization led by information risk officers, CISOs and business executives, created to develop and share standard information risk management practices based on FAIR. Factor Analysis of Information Risk (FAIR) is the only international standard analytics model for information security and operational risk. FAIR helps organizations quantify and manage risk from the business perspective and enables cost-effective decision-making. To learn more and get involved visit: www.fairinstitute.org.

###

Media Contact:

Stephen Ward

VP, Marketing

703.994.9349

[email protected]

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Higher Education: 15 Books to Help Cybersecurity Pros Be Better
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Worst Password Blunders of 2018 Hit Organizations East and West
Curtis Franklin Jr., Senior Editor at Dark Reading,  12/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
10 Best Practices That Could Reshape Your IT Security Department
This Dark Reading Tech Digest, explores ten best practices that could reshape IT security departments.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-20168
PUBLISHED: 2018-12-17
Google gVisor before 2018-08-22 reuses a pagetable in a different level with the paging-structure cache intact, which allows attackers to cause a denial of service ("physical address not valid" panic) via a crafted application.
CVE-2018-20167
PUBLISHED: 2018-12-17
Terminology before 1.3.1 allows Remote Code Execution because popmedia is mishandled, as demonstrated by an unsafe "cat README.md" command when \e}pn is used. A popmedia control sequence can allow the malicious execution of executable file formats registered in the X desktop share MIME typ...
CVE-2018-20161
PUBLISHED: 2018-12-15
A design flaw in the BlinkForHome (aka Blink For Home) Sync Module 2.10.4 and earlier allows attackers to disable cameras via Wi-Fi, because incident clips (triggered by the motion sensor) are not saved if the attacker's traffic (such as Dot11Deauth) successfully disconnects the Sync Module from the...
CVE-2018-20159
PUBLISHED: 2018-12-15
i-doit open 1.11.2 allows Remote Code Execution because ZIP archives are mishandled. It has an upload feature that allows an authenticated user with the administrator role to upload arbitrary files to the main website directory. Exploitation involves uploading a ".php" file within a "...
CVE-2018-20157
PUBLISHED: 2018-12-15
The data import functionality in OpenRefine through 3.1 allows an XML External Entity (XXE) attack through a crafted (zip) file, allowing attackers to read arbitrary files.