The FAIR Institute Announces Winners of Annual Excellence Awards at FAIRCON 18 at Carnegie Mellon University in Pittsburgh

Names Jason Ha of PwC Australia, Omar Khawaja of Highmark Health, Dr. Jack Freund of TIAA as 2018 awards recipients. Annual awards recognize excellence in risk management using the Factor Analysis of Information Risk model

PITTSBURGH, Oct. 18, 2018 (GLOBE NEWSWIRE) -- The FAIR Institute, an expert, nonprofit organization led by information risk officers, CISOs and business executives to develop standard information/cyber security and operational risk management practices, recognized three risk management leaders this week during its annual FAIR Conference (FAIRCON18) in Pittsburgh. The FAIR Institute congratulates Jason Ha, Director of the Digital Trust Risk Assurance Practice at PwC Australia for winning the FAIR Ambassador Award; Omar Khawaja, Vice President and Chief Information Security Officer at Highmark Health, on winning the FAIR Business Innovation Award; and Dr. Jack Freund, Director, Cyber Risk for TIAA, for winning the FAIR Champion Award.

The awards were announced and presented at the FAIR Conference this week on the campus of Carnegie Mellon University in Pittsburgh. The FAIR Awards honor risk management leaders for their initiative, ingenuity and contributions to information/cyber security and operational risk management. The awards recognize the deep impact that these professionals have on their organizations in enabling operational excellence and effective decision-making and in balancing the need to protect their organizations while running the business.

"Jason, Omar and Jack exemplify the best in risk management and are some of the most forward-thinking and active members of the FAIR Institute community,” FAIR Institute Chairman, Jack Jones, said. “We are thrilled to recognize their many contributions to advancing the field of risk management through a broader understanding and adoption of the FAIR standard.”

The FAIR Ambassador Award recognizes a FAIR Institute member for bringing FAIR and the Institute to a new part of the world. Infosec veteran Jason Ha received this award for his work in developing the FAIR community and opening the FAIR Chapter in Australia. It was because of his cohesiveness and working with the Australian government to include cyber risk quantification in regulatory requirements that the FAIR standard further expanded across the globe.

The FAIR Business Innovation Award recognizes cyber security and risk professionals who have successfully applied FAIR principles to drive innovation. Innovative leaders like Omar Khawaja are disrupting the status quo by leveraging new analytic capabilities and enabling the communication and management of cyber risk in business terms. From the business perspective, Khawaja led the charge in transitioning from a controls-centric to a risk-centric approach to cybersecurity at Highmark and spearheaded an enterprise-wide effort to change the way the organization thinks, communicates and manages cyber risk through the adoption of the FAIR taxonomy and analysis model.

The FAIR Champion Award recognizes leaders at the forefront of their organization’s FAIR initiative who get data owners on board, stakeholders to help improve analysis, and decision-makers to adopt the analytics results. Dr. Jack Freund has been active in the FAIR community since 2009 and contributed to the body of knowledge and development of OpenFAIR certification in 2013. In 2012, Dr. Freund developed the quantitative cyber risk assessment program at TIAA, and designed and implemented an automated quantitative cyber risk engine that delivers asset-level quantitative risk ratings.

The FAIR Institute is a non-profit, professional organization that shepherds the FAIR standard. Institute membership passed 3,500 in September of 2018, doubling in just one year. Institute Chairman Jack Jones is the creator of FAIR and author of Measuring and Managing Information Risk: A FAIR Approach. At current adoption rates, FAIR is projected to be in use at 30% of the Fortune 1000 by 2020, and FAIRCON18 is a strong indicator of that enthusiasm.

FAIRCON18 was co-hosted by Carnegie Mellon University’s Software Engineering Institute and Heinz College of Information Systems and Public Policy, world centers for information security studies. Follow FAIRCON18 news on Twitter at #FAIRCON18.

About the FAIR Institute
The FAIR Institute is an expert, non-profit organization led by information risk officers, CISOs and business executives, created to develop and share standard information risk management practices based on FAIR. Factor Analysis of Information Risk (FAIR) is the only international standard analytics model for information security and operational risk. FAIR helps organizations quantify and manage risk from the business perspective and enables cost-effective decision-making. To learn more and get involved visit:

Luke Bader
Director, Memberships and Programs

Photos accompanying this announcement are available at

Jason Ha Headshot Omar Khawaja Jack Freund