888.742.4090

Cyber Risk Management

3-Day Course

Reston, Virginia

in partnership with

For analysts and team leaders looking for risk training and certification in essentials of Factor Analysis of Information Risk (FAIR)

Who is the Cyber Risk Management course for?

 

This course is intended for anyone interested in cyber risk quantification and designed for individuals and organizations that need to build a risk management program from the ground up or strengthen an existing one. The course lecture and training can be adjusted to different levels of seniority.

 

Risk Analysts

Learn how to communicate cyber threats by priority and contribute to a financial analysis of the amount of risk investigated.

 

Project Managers

Learn how to coordinate a team and deliver a comprehensive financial risk assessment related to cyber risk exposure to executives and decision makers.

 

C-Suite

Learn about the important trends in quantifying risk, regulations increasingly scrutinizing cyber risk exposure, and communicating key risk assessments to a board of directors. Appropriate for the CEO, CFO, CIO, and CISO positions.

What is Cyber Risk Quantification?

 

Cyber Risk Quantification is the identification of key business risk elements and application of a defensible model to determine risk in terms of financial cost. The use of a cyber risk ecosystem directly ties cybersecurity expenditures to core business functions, reducing business risk while providing logical and presentable plans of action that decision makers can understand, implement, and measure. The practice also conducts a return-on-investment analysis on existing and potential resources used to combat cyber risk. Evolver’s risk experts apply the FAIR model in cyber risk quantification and students of the 3-day course will be prepared to take a FAIR certification exam at course completion.

What is FAIR?

 

FAIR (Factor Analysis of Information Risk) is an industry standard cyber risk model for information security and operational risk. This class will show students how to use the FAIR model to deliver financially derived results tailored for enterprise cyber risk management. The FAIR cyber risk model is rapidly being adopted worldwide in all industries, especially in finance, government, healthcare, and retail. Intended for individuals and organizations that need to build a risk management program from the ground up or strengthen an existing one, this class provides a unique and fresh approach on how to do a basic quantitative risk analysis. This class covers key areas such as risk theory, risk calculation, scenario modeling, and communicating risk within the organization.

Course Description & Goals

 

This class will show students how to use the FAIR model to deliver financially derived results tailored for enterprise cyber risk management. Key areas covered include risk theory, risk calculation, scenario modeling, and communicating risk within the organization. Students who complete the course will know how to prepare for the Open Group FAIR Certification exam using the materials provided.

 

Students who successfully complete this course will also demonstrate an ability to:

 

⚑ Think critically about cyber risk management methods
⚑ Define, calculate, and analyze cyber risk in a defensible way
⚑ Leverage a probabilistic mindset when evaluating risk
⚑ Demonstrate a working knowledge of the FAIR framework
⚑ Translate cyber risk analysis into meaningful business decisions

Instructors

Chip Block, Vice President and Certified Open FAIR Analyst, Evolver, Inc.

 

Mr. Block has over 30 years of advanced technology research and development experience and has spent the last 15 years in the information assurance and cyber technology arenas. He leads new market and technology development at Evolver.

 

He advises Evolver’s clients on cyber operations, cyber risk quantification and cyber insurance. Specific to cyber risk quantification, he works with clients to identify key business risk elements for ROI analysis, insurance considerations and streamlining vendor management utilizing the FAIR methodology.

 

Mr. Block was awarded an R&D 100 award as co-principal investigator in 2003. He is an author and frequent speaker on cyber risk quantification, medical devices and the Internet of Things. He is a graduate of the University of Notre Dame, the chair of the FAIR Institute’s DC Chapter, and a certified Open FAIR analyst.

Chip Block Evolver

Dave Pearl, Executive Director for Cyber Programs and Certified Open FAIR Analyst, Evolver, Inc.

 

Mr. Pearl has over 20 years of experience leading major technology initiatives and complex IT programs with a worldwide footprint to federal and commercial clients. Mr. Pearl has held various leadership positions, most recently at Grant Thornton and Deloitte. Notable projects include the development of cyber architecture for a federal agency and quantification of operational risks to assess impact on program budgets for a large, international organization.

 

Mr. Pearl is a certified program management professional (PMP), ITIL v.3 expert, and certified Open FAIR analyst. He has a certificate in Strategic Executive Leadership from Yale University. He holds a post masters in Information Systems and an M.B.A. with a concentration in Finance from The George Washington University, and a B.S. in Finance from Virginia Tech. He is also completing a Masters in Cybersecurity Technology from University of Maryland University College.

Edward Peck, Cybersecurity Consultant and Certified Open FAIR Analyst, Evolver, Inc.

 

Mr. Peck consults and leads workshops for Evolver’s corporate and government clients as well as university partners on the FAIR framework and how to apply its methodology to real world scenarios. His extensive experience enables Mr. Peck to leverage first-hand knowledge of FAIR-based cyber risk management success in the classroom.

 

Prior to joining Evolver, Mr. Peck spent nearly two decades in the cybersecurity arena in various capacities. Most recently, he conducted FAIR assessments for a major east coast financial institution. He was also a security controls assessor helping identify security-related gaps in various sized enterprises as well as a cybersecurity engineer responsible for designing and documenting appropriate security controls for networks and applications.

 

Mr. Peck received his B.S. in Business from Mount St. Mary’s University. He is a Certified Information Systems Security Professional (CISSP) with a concentration in Engineering (CISSP-ISSEP), a certified Open FAIR analyst and a member of the FAIR Institute’s DC Chapter.

Registration Information

Location:
Evolver Headquarters

1943 Isaac Newton Square East, Suite 260

Reston, VA 20190

 

Questions related to registration or billing?
Contact George Mason Executive and Professional Education
703-993-2109