Information Risk Expert Jack Jones Joins Interhack

(August 19, 2010) Interhack adds information risk expertise to its Information Assurance practice, bringing Jack A. Jones on as a Visiting Scientist. Jack brings the Factor Analysis of Information Risk, or FAIR, risk assessment model to Interhack.

AUGUST 19, 2010—Interhack is pleased to announce the addition of Jack A. Jones to its Information Assurance practice. Mr. Jones joins Interhack as a visiting scientist with expertise in the area of information risk management. From debate about security risk associated with WikiLeaks documents to pressure from the SEC for better reporting on risk information, quantifying risk—especially information risk—is increasingly important. Jack Jones' information risk assessment methodology—Factor Analysis of Information Risk, or FAIR—quantifies risk. 

Jack brings 27 years of experience in information technology with 19 years experience in information security and risk management. During this time, he’s worked in the United States military, government intelligence, consulting, as well as the financial and insurance industries. Jack has over seven years of experience as a Chief Information Security Officer (CISO), with five of those years at a Fortune 100 financial services company where he developed one of the most progressive information risk management programs in the industry. His work there was recognized in 2006 when he received the 2006 ISSA Excellence in the Field of Security Practices award.

Jack was featured in an article on the 9 Habits of Highly Successful CISO’s in the July 2006 edition of Information Security Magazine. In 2007, Jack was selected as a finalist for the Information Security Executive of the Year, Central United States, and was a judge for the national Information Security Executive of the Year competition. From 2008 to 2009 he was also an invited member of an international task force involved in developing one of ISACA’s latest publications: Enterprise Risk: Identify, Govern and Manage Risk, The Risk IT Framework.

Since 2008, Jack has been providing risk analysis and risk management training, analysis tools, and consulting services through his own company, Risk Management Insight. His clients include Fortune 10 energy, Fortune 100 financial services, Fortune 100 technology, and Fortune 500 retail companies. Jack holds CISM, CISSP, CISA, and CRISC certifications.

For more information about applications of the FAIR information risk management methodology in your organization, contact Abby Park at 

About Interhack

Interhack aids executives and attorneys facing challenges and opportunities involving the use of information.  We perform security and privacy assessments, as well as services to work with data in legal proceedings.  Our work is used to find the right questions to ask and the best answers science can provide.  Based in Columbus, Ohio, Interhack supports clients all over North America.  Additional information about Interhack is available at