cbuscrq.org brings the FAIR standard for cyber risk quantification to Columbus — connecting security leaders, analysts, and executives who speak the language of business risk.
Factor Analysis of Information Risk (FAIR) is the only internationally recognized standard quantitative model for cybersecurity and operational risk. It enables organizations to measure, manage, and communicate risk in the financial terms that boards and executives understand.
The FAIR Institute is a non-profit professional organization with chapters across the globe. The Columbus chapter — cbuscrq.org — serves Central Ohio's security and risk community with local events, peer learning, and practical application of the FAIR model.
Workshops, study groups, and certification prep for the Open FAIR Body of Knowledge — practical skills you can apply the next day.
Connect with CISOs, risk analysts, auditors, and security engineers across Columbus who share a data-driven approach to risk management.
Regular in-person and virtual meetups featuring guest speakers, case studies, and hands-on FAIR analysis exercises.
Learn to present cyber risk to executives and board members in the language they speak: financial exposure, probability, and business impact.
Hands-on sessions applying the FAIR model to real scenarios — from ransomware impact analysis to third-party vendor risk quantification.
Access to FAIR Institute research, frameworks, and resources — curated and contextualized for Central Ohio's business landscape.
Translate technical risk into executive-ready financial exposure reports.
Apply quantitative methods to move beyond red/amber/green heat maps.
Strengthen risk assessments with defensible, model-driven quantification.
Build in-demand CRQ skills and connect with Columbus's security community.