MEDIA ADVISORY: 2022 FAIR Conference to Explore Scaling Risk Management Practices to Tackle Growing Cyber Threats

Hybrid in-person and virtual event on Sept. 27-28 in Washington, D.C., and online

Media Passes: To access FAIRCON22 event sessions in person or online, contact Luke Bader, director, membership and programs, FAIR Institute,; or Eskenzi PR: Avery MacGregor,, 978.290.2970; or Cathy Morley Foster,, 925.708.7893.

RESTON, Va., Sept. 26, 2022 (GLOBE NEWSWIRE) --  What: As financial stakes in cybersecurity grow higher, FAIR Institute, the non-profit professional organization that advances measuring and managing risk, is doubling down to help businesses and organizations protect their most valuable assets with its 2022 FAIR Conference (FAIRCON22). The annual event, this year themed, "Scale: Risk Management to the Next Level," will bring together thought leaders in cyber and operational risk management to discuss best FAIR™ (Factor Analysis of Information Risk) practices to develop increased value and alignment with business goals.

When: This premiere global risk management conference will be held in-person at the Mandarin Oriental Hotel, Washington, D.C., and virtually Tuesday, Sept. 27, and Wednesday, Sept. 28. Program line-up features dynamic keynote addresses, interactive C-suite panels, and expert case study sessions.

Who: Open to professionals in risk management and offers beginner and advanced session tracks.

  • Speakers: Jack Jones, chairman, FAIR Institute; Mark Tomallo, senior vice president, CISO, Victoria’s Secret; Mary Elizabeth Faulkner, CISO, Thrivent Financial; Jeff Norem, Deputy CISO, Freddie Mac; Matthew Tolbert, senior cybersecurity specialist, supervision and regulation, Federal Reserve Bank of Cleveland; and James Lam, public and private board director; National Association of Corporate Directors (NACD) certified director and D100 honoree; ERM consultant, author, and speaker; and Derek Johnson senior reporter, SC Media; among others.
  • In-person and Virtual: “This year, we are pleased to welcome attendees back in person and to virtual events for FAIRCON22. The conference focus is on 'Scale,' demonstrating how to take the latest developments in quantitative risk management to the next level to impactfully address escalating and costly cybersecurity challenges,” said Nick Sanna, president, FAIR Institute. "We are assembling the world's leading experts and practitioners to share their experience and expertise. We can connect organizations with our partners and sponsors to help build out risk management programs. Training sessions are offered to help organizations advance the needs of their cyber and operational risk professionals. Attendees also can achieve certification and CPE credits.” 

FAIRCON22 Highlights: Featured events, full agenda:

  • Main Keynote: Trusting Risk-Informed Decisions, Jack Jones, chairman, FAIR Institute
  • Opening Keynote: How Risk Economics Can Help Us Win the Battle in Cyberspace, Larry Clinton, president, Internet Security Alliance (ISA).
  • C-level Panel: CISOs from Highmark Health, Victoria's Secret, Freddie Mac, and Thrivent Financial on Driving Culture Change - From a Compliance to a Risk-based Approach to Cybersecurity
  • Case Study: Cisco, Refining the “R” in GRC at Scale
  • Fireside Chat: What the Revised SEC Guidance on Cyber Risk Disclosures Means for You, Kristy Littman, former chief of enforcement - Cyber Unit, SEC
  • Case Studies: Netflix, Equinix, Expedia, and Dropbox
  • Keynote: Omar Khawaja, CISO, Highmark Health: Justifying the Value of Cybersecurity to the Business with Highmark Health and the BOSITE Framework
  • Closing Remarks: Jack Jones, chairman, FAIR Institute; Derek Johnson, senior reporter, SC Media

Membership to The FAIR Institute is free, and members are eligible for discounted tickets to FAIRCON22. To register for the event, visit:

Sponsors include RiskLens, Technical Advisor; IBM, Protiviti, RiskRecon, and Archer, Institute Advisors; and Black Kite, LogicGate, The Open Group, and Cyenthia Institute; Conference Sponsors.

About the FAIR Institute

The FAIR Institute is an expert, non-profit organization led by information risk officers, CISOs and business executives, created to develop and share standard risk management practices based on FAIR. Factor Analysis of Information Risk (FAIR™) is the only international standard analytics model for information security and operational risk. FAIR helps organizations quantify and manage risk from the business perspective and enables cost-effective decision-making. To learn more and get involved visit: 

FAIR Institute education partners include Arizona University, Boston College, Carnegie Mellon University, Ferris State University, George Mason University, Harvard University, Macquarie University, Pepperdine University, San Jose State University, University of Massachusetts Amherst, Marymount University, Georgetown University, Georgia Southern University, Catholic University of America, University of Tampa, University of Toronto, Virginia Tech, Washington University in St. Louis, University of Wisconsin, Webster University, Seattle Pacific University, Glasgow Caledonian University, and Universidad Andina Simón Bolivar (UASB).


Cathy Morley Foster
Eskenzi PR