Ford and Geely Explore Strategic Manufacturing Partnership in Europe 
TrumpRx Website Launches to Offer Discounted Prescription Drugs for Cash-Paying Americans 
AMD Shares Slide Despite Earnings Beat as Cautious Revenue Outlook Weighs on Stock 
Prudential Financial Reports Higher Q4 Profit on Strong Underwriting and Investment Gains 
Once Upon a Farm Raises Nearly $198 Million in IPO, Valued at Over $724 Million 
Nintendo Shares Slide After Earnings Miss Raises Switch 2 Margin Concerns 
Nvidia, ByteDance, and the U.S.-China AI Chip Standoff Over H200 Exports 
Nvidia CEO Jensen Huang Says AI Investment Boom Is Just Beginning as NVDA Shares Surge 
Amazon Stock Rebounds After Earnings as $200B Capex Plan Sparks AI Spending Debate 
SoftBank Shares Slide After Arm Earnings Miss Fuels Tech Stock Sell-Off 
SpaceX Pushes for Early Stock Index Inclusion Ahead of Potential Record-Breaking IPO 
Baidu Approves $5 Billion Share Buyback and Plans First-Ever Dividend in 2026 
Tencent Shares Slide After WeChat Restricts YuanBao AI Promotional Links 
Anthropic Eyes $350 Billion Valuation as AI Funding and Share Sale Accelerate 
Sony Q3 Profit Jumps on Gaming and Image Sensors, Full-Year Outlook Raised 
TSMC Eyes 3nm Chip Production in Japan with $17 Billion Kumamoto Investment 
SpaceX Prioritizes Moon Mission Before Mars as Starship Development Accelerates 
Reston, Virginia, Nov. 20, 2017 -- FOR IMMEDIATE RELEASE
|
|||||
FAIR INSTITUTE RELEASES 2017 RISK MANAGEMENT MATURITY BENCHMARK SURVEY FINDINGS
Results show low risk management maturity levels regardless of industry or organization size; findings suggest cyber and technology risk managers may be going through the motions of risk management without addressing the fundamentals of well-informed decision-making or reliable execution.
Reston, Va., Nov. 20, 2017—The FAIR Institute, an expert non-profit organization led by information risk officers, CISOs and business executives to advance the discipline of measuring and managing information and operational risk, today released key findings and conclusions from its 2017 Risk Management Maturity Benchmark Survey, sponsored by RiskLens and RSA.
The FAIR Institute and RSA will hold a joint webinar Tuesday, Dec. 5, at 3 p.m. (ET), to discuss key findings. The webinar will be hosted by FAIR Institute Chairman Jack Jones and will dive into the current state organizational risk management and recommendations on how organizations can move forward in effectively aligning their risk posture.
FAIR Institute Chairman Jack Jones commented: “Our survey was undertaken to help gauge the current state of cyber and technology risk management maturity. The intent being, if we know our strengths and weaknesses — and their significance — then we can make informed choices about how to improve over time. On the webinar we will deep-dive into key findings and conclusions, including why just five percent of all respondents rated their organizations as ‘Strong’ across ten or more of fourteen factors.”
The report’s key findings show cyber and technology risk management programs going through the motions on risk management, putting policies, processes and technologies in place without addressing the fundamentals of well-informed decision-making and reliable execution. As a result, these programs are more likely to:
- Struggle with identifying and maintaining a focus on their most significant priorities, wasting limited resources on lower risk concerns and potentially delaying remediation of truly high risk concerns.
- Implement risk mitigations that are less cost-effective, missing the opportunity to apply the misspent resources on other risk concerns or business opportunities.
- Experience control failures due to unreliable execution, which introduces avoidable levels of risk.
- Experience a ‘risk management groundhog day’ — repeatedly experiencing the same failures by not recognizing and treating root causes.
The survey, administered Aug. 1 to Sept. 8, was completed by 114 respondents who identified as: Chief Information Security Officer (24%); Cyber Security Specialist (20%); Risk Officer (16%); Risk Analyst (11%); and C-Level Executive (6%); 22% chose ‘Other’ to describe their role within their organization.
A wide variety of industries and organization types were represented: Banking/Finance (27%); Technology (23%); Healthcare (8%); Insurance (7%); Manufacturing (5%); Retail (4%); Telecommunication (3%); Transport/Logistics (3%); 19% of respondents selected ‘Other’ to describe their industry.
Survey respondents represented organizations of various sizes, with smaller and larger organizations making up over half of all responses: less than $500M in annual revenue (31%) or greater than $20B in revenue (25%). Typical midrange organizations had annual revenue between $500M and $1B (11%), $1B to $5B (16%), and $5B to $20B (18%).
About the FAIR Institute
In less than two years, The FAIR Institute has attracted more than 2,000 members and established itself as the premier organization for learning how to manage information and operational risk from a business perspective, enabling cost-effective decision-making. An expert, non-profit organization led by information risk officers, CISOs and business executives, the FAIR Institute was created to develop and share standard information and operational risk management practices based on FAIR. Factor Analysis of Information Risk (FAIR) is the only international standard value-at-risk model for information security and operational risk. To learn more and get involved visit: www.fairinstitute.org.
###
Media-analyst contact: Jim Engineer, Rainmaker Growth Partners for The FAIR Institute: 630.728.1387
