The Open Group FAIR Certification?

HornswogglerHornswoggler Member Posts: 63 ■■□□□□□□□□
Anybody here pursue the Open FAIR cert? If so, what did you think of it?

http://www.opengroup.org/certifications/openfair

Or if you use Open FAIR for business risk, how do you like it compared to CVSS v3 scoring or others?
2018: Linux+, eWPT/GWAPT

Comments

  • beadsbeads Member Posts: 1,533 ■■■■■■■■■□
    Compare FAIR, FAIR for Government to NIST 800 series would be a more apples to apples comparison. Mitre's CVSS system is for vulnerabilities not business risk. All in all the FAIR system is gaining traction with both the US Government and world business leaders. Business risk should be something more generally associated with any security practice, not just 'cyber' but physical, network, business, database, etc.

    - B/Eads
Sign In or Register to comment.