ED-EL-04 – Turning Controls into Measurable Risk Reduction with FAIR-CAM – e-Learning
Duration: Approximately 10 hours of e-learning content (unlimited access for 3 months)
Training format: Asynchronous (e-Learning)
CPE credits: 10
Pricing
- €695 excl. VAT per person ED-EL-04.1
- €2,780 excl. VAT / 5 participants ED-EL-04.2
- €4,170 excl. VAT / 10 participants ED-EL-04.3
This online training enables practitioners to gain an in-depth understanding of how cybersecurity controls influence risk and to model their effectiveness using the FAIR-CAM™ (Controls Analytics Model).
Through structured modules, real-world case studies, and interactive exercises, participants analyze attack chains, identify relevant control functions, and estimate the operational effectiveness of security controls across measurable dimensions (intent, coverage, reliability, variance).
The course demonstrates how to use FAIR-CAM™ to support FAIR™ analyses, quantify the actual impact of a portfolio of security controls on risk reduction, and prioritize security investments.
This e-learning format is designed for FAIR practitioners who want to strengthen and systematize their approach to control analysis using a rigorous and defensible model.
€695 excl. VAT per person ED-EL-04.1
€2,780 excl. VAT / 5 participants ED-EL-04.2
€4,170 excl. VAT / 10 participants ED-EL-04.3
.svg)
Approximately 10 hours of e-learning content (unlimited access for 3 months)
Asynchronous (e-Learning)
10
By the end of the course, participants will be able to:
- Understand the role of security controls in reducing cyber risk
- Identify and assess the key dimensions of control effectiveness
- Model an attack chain and determine relevant control functions
- Apply FAIR-CAM™ results within a FAIR™ analysis to quantify risk reduction
Who Should Attend
CISOs / Heads of Information Security, risk or cybersecurity analysts, GRC consultants, technical auditors, and FAIR practitioners seeking to structure and enhance the evaluation of security control effectiveness.
Prerequisites
Completion of a FAIR practitioner course (e.g., ELC-02, CRQ-02) or practical experience with the FAIR™ taxonomy is required.
Introduction to FAIR-CAM™ and the Anatomy of Security Controls
- Refresher on the FAIR™ taxonomy and the concept of security controls
- Control anatomy and physiology: understanding how a control operates within an attack chain
From Vulnerability to Susceptibility
- Relationship between vulnerability, susceptibility, and threat events
- Impact of security controls on loss event frequency
Control Functions and Functional Domains
- Controls that limit threat events, limit vulnerability, enable detection/response, and reduce losses
- Functional domains (LECs, VMCs, DSCs) and alignment with existing security control frameworks
Measuring Security Control Effectiveness
- Dimensions of effectiveness: intended efficacy, coverage, variance, reliability
- Data and indicators required to assess controls (logging, KPIs, audit results, etc.)
- Aggregating control effectiveness across an attack chain
Applying FAIR-CAM™ within FAIR™ Analyses
- Integrating FAIR-CAM™ results into frequency and magnitude parameters of a FAIR™ analysis
- Use cases: comparing security strategies, justifying investments, optimizing security control portfolios
- Course designed by C-Risk FAIR-CAM™ experts in collaboration with Jack Jones, creator of the FAIR and FAIR-CAM™ models
- Case studies based on real-world consulting engagements
Regular multiple-choice quizzes to validate understanding of FAIR-CAM™ concepts
- Video modules detailing the logic and structure of the FAIR-CAM™ model
- 3-month access to the eLearning platform to review content and exercises
Advance Your Career with Cyber Risk Management Training
E-learning platform and instructor-led courses in quantification, cyber risk frameworks, and data-driven decision-making. C-Risk Education equips you with the skills to analyze and manage cyber risk effectively. Our training covers multiple methodologies and frameworks: cyber risk quantification, EBIOS RM, third-party risk management, and advanced threat and control assessment techniques. Learn practical, immediately applicable skills across the full spectrum of modern cyber risk management.
.svg)
Learn data-driven cyber risk management with FAIR standard. 3-hour instructor-led course on quantifying cyber risk in financial terms. No prerequisites.
.svg)
Learn FAIR™ cyber risk quantification at your own pace. 3-hour e-learning covering risk management fundamentals and financial risk analysis.
Master FAIR™ methodology in 12 hours. Learn quantitative cyber risk analysis, overcome qualitative limits, and make data-driven security decisions.
Master FAIR™ cyber risk quantification with 12 hours of e-learning. Model risk scenarios, estimate loss factors, prepare for Open FAIR™ 2 certification.
Executive training in cyber risk quantification using FAIR™. Learn data-driven governance for strategic cybersecurity decisions. 3-hour course, 3 CPE credits.
Learn to quantify security control effectiveness using FAIR-CAM™. Model risk reduction, analyze attack chains, and integrate controls into FAIR™ analyses.
.jpg)
Master FAIR-CAM™ to quantify security control effectiveness. 10-hour e-learning for FAIR practitioners. €695 per person. 10 CPE credits included.
Learn to quantify third-party cyber risks using FAIR™. 10-hour e-learning course covering TPRM lifecycle, risk scenarios, and financial quantification.