At C-Risk, we promote proactive cyber risk management and governance. Our data-driven approach enables organizations to identify and mitigate risks before they become critical. We uniquely bridge the gap between technical teams and business leadership by providing CISOs and risk teams with actionable insights to strengthen their digital defenses, demonstrate the return on investment of their security controls, and communicate with the board in business terms.C-Risk experts rely on open standards such as FAIR and frameworks like MITRE ATT&CK, combining them with our technical expertise and a powerful CRQ tool to deliver innovative solutions. As the risk and regulatory landscape evolves, we continuously expand our use cases to meet our clients’ needs. Our commitment to excellence and transparency enables international organizations to improve their cybersecurity posture and grow, contributing to a safer digital economy.
.png)
The founders of C-Risk, Christophe Forêt and Tom Callaghan, met while working at Dell. During their careers, they helped large organizations with digital transformation and cloud migration projects.
This experience led to many discussions about the communication gap between business leaders and information security and technology professionals.
In 2016, C-Risk was created to address this communication gap: the challenge of communicating cyber and technology risks in business terms.
For this reason, C-Risk adopted the Open FAIR™ standard and framework as the foundation of its risk management approach. C-Risk continues to expand its offerings and solutions as the risk and regulatory landscape evolves.
Tom and Christophe observed that discussions about security and IT risks between businesses and IT experts were often difficult. C-Risk was therefore created to address these communication challenges.
Creation of the Paris chapter of the FAIR Institute to promote the FAIR standard and methodology in Europe. Since then, we have developed partnerships with key players in the field of risk quantification.
Launch of FAIR™ risk quantification training programs (Datadock certified in 2020 and Qualiopi certified in 2021).
Launch of CRQ offerings and signing of the first European contracts, marking the beginning of C-Risk’s strong growth.
Datadock certification of our training programs.
Qualiopi certification of our training programs.
Fundraising of €2.5 million from the XPGEN fund of Scale Up Capital to accelerate growth.
Opening of offices in the United States, the United Kingdom, Germany and Ireland.
.svg)
.svg)
.svg)
Co-founder
President and Co-founder of C-Risk
Marketing Director
Director of Administration and Finance
Director of Customer Success
Senior Sales Director for France and French-speaking territories
Marketing Coordinator
Marketing Operations & Lead Generation Coordinator
Director of Advisory Services
Training Manager
Marketing assistant
Technical Writer
Principal Consultant
Senior Cyber Risk Consultant
Cyber Security and Risk Management Consultant
Cyber Security and Risk Management Consultant
External Consultant
Finance Apprentice
As co-founders of C-Risk, we are deeply committed to the principles of openness and value creation. Our ambition is to transform the way cyber and technology risk is communicated and managed, by cutting through the noise to deliver greater clarity. More than half of our team comes from the world of IT operations and business development, which gives us a thorough understanding of what sets a true partner apart from a simple vendor. We are here to support your business as genuine partners. C-Risk's internal culture is built on mutual respect and open dialogue. In a spirit of honesty and transparency, these values are at the heart of the relationship we maintain with each of our clients. Our greatest strength lies in our collaborative mindset: every member of the C-Risk team contributes to expanding our knowledge of information security and operational risk issues.
We are aware of the human limitations when it comes to forecasting and decision-making, especially in the field of cyber risk. Our unique approach to cyber risk management is what makes our unmatched CRQ solutions so powerful. C-Risk is committed to promoting continuous learning and sharing relevant insights on quantitative methods, which address the shortcomings of traditional approaches for stronger governance and greater resilience.
.jpg)
C-Risk supports and collaborates with the FAIR Institute, a research-driven organisation that promotes collaboration, education and open standards. The Open FAIR™ standard is the only open standard for quantifying risk through its Factor Analysis of Information Risk (FAIR) model. FAIR's taxonomy and ontology enable the breakdown of risk scenarios into measurable variables, facilitating accurate risk assessment and management. An open standard allows for the transparent sharing of information and best practices across organisations. This alignment with the FAIR Institute underscores our commitment to adopting and promoting transparent and effective risk management methodologies.
.jpg)