Post by Black Kite

We hosted a webinar last week. We put Jack Jones, the man who built FAIR™, in a room with Black Kite CSO Bob Maley, and a group of CISOs and TPCRM professionals from various industries. Nobody's heat map survived. The uncomfortable truth Jones and Maley unpacked live: Your board isn't pushing back on your risk dashboard because they trust it. They just have no other frame of reference. A few takeaways from the discussion: → A 1-to-5 risk scale is numeric. It is not quantitative. There's a difference, and your CFO knows it.  → The best time to apply financial risk quantification to a vendor relationship is before the contract is signed. After that, the window closes.  → Out-of-the-box AI will give you a confident-sounding answer on cyber risk that is, in Jones' words, “almost certainly going to be utter garbage.” But trained correctly? Different story.  → Jones is sharing the Claude skill files he built to make that happen. Details in the recording. Read more and catch the recording here. #CyberRisk #TPCRM #CRQ #FAIR #ThirdPartyRisk #CISO #CyberRiskQuantification