In the fight against cybercrime, we intervene upstream in cyber risk management and governance. We draw on our expertise in risk quantification to provide our clients with a business vision and a financial assessment.
We treat cyber risks the same way a board of directors would treat any corporate risk. With our support, business leaders have become aware of the business impact of cyber risk. This helps them factor in business challenges in order to make better decisions regarding information security and data protection.
Our ambition is to be a leader and trusted advisor in cyber risk quantification by providing our clients with the solutions that best suit their needs.
To continue C-Risk's growth, we are developing new offers that capitalize on our technical skills to serve more companies in risk management and cybersecurity governance. We plan on recruiting several dozen people over the next three years.
C-Risk's founders, Christophe Forêt and Tom Callaghan, met while working at Dell, helping large enterprises with their digital transformation and moving critical services to the cloud.
This experience led to discussions that focused on the communication gap between business leaders and information security and technology professionals.
In 2016, C-Risk was created to address this challenge. The Open FAIR™ standard and framework provided the theoretical foundation to develop processes to identify, assess and communicate cyber risk in financial terms.
Tom and Christophe noticed that discussions about security and IT risks between business and IT experts were difficult. C-Risk was then created to address those communication issues.
Creation of the Paris branch of the FAIR Institute to promote the FAIR™ standard and its methodology in Europe. Since then, we have been developing partnerships with quantification professionals.
Launch of Cyber Risk Quantification training with FAIR™ and signing of the first European contracts, which marked the beginning of C-Risk's strong growth.
Launch of CRQ offers 1st European contact.
Datadock certification of our CRQ training courses.
Qualiopi certification of our CRQ training courses.
Fundraising of €2.5 million from Scale Up Capital’s XPGEN fund to accelerate growth.
Offices opened in the US, the UK, Germany and Ireland.
We believe that value is key, that is what drives us. First, we aim to bring value to our clients by seeking the most relevant solutions and striving for excellence every step of the way. Value also needs to be brought internally as everyone in the company is evaluated on their contribution to the company and their colleagues.
At C-Risk, authenticity is paramount. Everyone is welcome to express their ideas. One of our principles is that relevance has nothing to do with seniority, experience, or rank. As Christophe would put it, "quality does not wait a certain number of years". This is why our management style is collaborative and agile.
Our commitment is a consequence of our positioning and of our business vision. On the business side, we are committed to delivering the best service to our clients in order to secure their digital assets. Internally, we value mutual support and collaborative work. We are here for each other.
We are driven by curiosity, and a desire to provide the best innovative solutions. We keep up with the latest developments in cybersecurity by keeping an open mind. Open-mindedness also shows in the way our company operates and in the fact that we have developed a multicultural environment.
The C-Risk team is a diverse group of seasoned cybersecurity professionals and communicators.
C-Risk is your trusted advisor
As the co-founders of C-Risk, we are committed to the principles of openness and value creation. We seek to change the way cyber and technology risk is communicated and managed. Cutting through the noise and delivering clarity is the essence of our approach. With more than half of our combined careers dedicated to the hands-on world of IT operations and business development, we've seen firsthand the differences between a vendor and a partner. And we're here to be your true partner.
The internal culture of C-Risk is based on mutual respect and open dialogue. In order to be open and transparent with our clients, these same values are central to how we work with one another. Our collaborative spirit is a major strength. Each member of the C-Risk team contributes to our continually expanding collective knowledge of information security and operational risk challenges.
We recognize the limitations of human forecasting and decision-making, especially in the domain of cyber risk. Our risk-based perspective on cyber risk management is the driving force behind our unmatched CRQ solutions. C-Risk is dedicated to continued learning and sharing insights on quantitative methods that mitigate these shortcomings, ensuring better governance and resilience in IT security.
C-Risk is an industry pioneer in quantification. We look forward to working with you.
-Tom Callaghan & Christophe Forêt
C-Risk supports and collaborates with the FAIR Institute, a research-driven organization that promotes collaboration, education and open standards. The Open FAIR™ standard is the only open standard for quantifying risk through its Factor Analysis of Information Risk (FAIR) model. FAIR's taxonomy and ontology enable the decomposition of risk scenarios into measurable variables, facilitating accurate risk assessment and management. An open standard enables seamless sharing of information and best practices across organizations. This alignment with the FAIR Institute underscores our commitment to adopting and promoting transparent and effective risk management methodologies.
Let’s talk about your current challenges and your cyber risk management goals. Our experts will provide actionable insights on Cyber Risk Quantification (CRQ) and examples of our approach.
C-Risk is a recognized expert in Cyber Risk Quantification using the FAIR™ methodology. We provide CRQ consulting services, managed services, and training.
