FRANKLIN, Tenn., Sept. 4, 2019 /PRNewswire/ — To assist small and midsized businesses make risk-based decisions based on cybersecurity cost exposure, information security consulting firm vCISO Services, LLC announced today the immediate availability of their licensed quantitative information risk assessment offering based on The Open Group Open FAIR™ Body of Knowledge.

“We beta-tested Open FAIR, and immediately realized the business value for our clients,” vCISO Services, LLC principal Greg Schaffer said. “Our Open FAIR certified resources leverage Open FAIR’s Risk Analysis Tool to help companies prioritize cybersecurity resources based on real cost exposure and not a color scheme representation of opinion.”

The Factor Analysis of Information Risk, or FAIR, uses known cost and historical data to provide executive management and board of directors with meaningful cost exposure ranges. “As a CISO, I created FAIR so that I could help my executive stakeholders make better decisions. The improvements in our ability to prioritize and communicate were beyond anything I had anticipated,” said Jack Jones, the developer of FAIR.

“We are pleased to have vCISO join the ranks of commercial licensees of Open FAIR, and to also join the Security Forum to contribute to the ongoing development of our standards and best practices,” said Jim Hietala, VP, Business Development and Security at The Open Group. The Open Group maintains a list of commercial Open FAIR licenses at

Traditionally, information risk assessments have been qualitative in nature, relying solely on the opinions of experts whether a risk is high, medium, or low, often displayed as red, yellow, and green “heat maps.” Such subjective assessments cannot provide accurate insight into information risk exposure.  vCISO Services, LLC offers FAIR-based quantitative information risk assessments both as standalone projects and as part of their Gold and Diamond Virtual CISO packages.

About vCISO Services, LLC

Franklin, Tennessee based vCISO Services, LLC is a leading provider of experienced virtual Chief Information Security Officer (vCISO) and information security risk management services for small and midsized businesses. Veteran-owned and with clients from coast to coast, our goal is to help small and midsized businesses improve their information security by providing quality virtual CISOs at a fraction of the cost of hiring a full-time CISO. More information is available at

About the Open Group

The Open Group is a global consortium that enables the achievement of business objectives through technology standards. Our diverse membership of more than 700 organizations includes customers, systems and solutions suppliers, tool vendors, integrators, academics, and consultants across multiple industries. Further information on The Open Group can be found at