Overview
This advanced training enables practitioners to understand how cybersecurity controls influence risk and to model their effectiveness using the FAIR-CAM™ (Controls Analytics Model). Participants analyze attack chains, identify control functions, and learn to estimate security control effectiveness based on measurable dimensions.
The course demonstrates how to aggregate these elements to quantify control impact on loss probability and integrate the results into comprehensive FAIR™ analyses.
Who is this for?
- CISOs and Heads of Information Security
- Risk and cybersecurity analysts
- GRC consultants
- Technical auditors
- FAIR practitioners seeking deeper analysis of security controls
What you'll learn
- Understand how security controls influence loss event frequency and magnitude
- Identify control functions within an attack chain
- Evaluate operational effectiveness of security controls using measurable criteria
- Model the aggregated effect of security controls on loss probability using FAIR-CAM
- Integrate FAIR-CAM results into FAIR analyses to quantify risk reduction
Format & duration
4 hours · Instructor-led, on-site or remote
4 CPE credits awarded on completion.
Prerequisites
Completion of a FAIR practitioner course (ED-IN-02 / ED-EL-02) or practical knowledge of the FAIR model is required.
