C-Risk blog

Explore EBIOS RM, the French cyber risk analysis method. Discover its approach, ideal use cases, and key pros and cons for cyber risk management.

Discover how data-driven cyber risk management helps Irish organisations achieve NIS2 compliance with the 16 mandatory security measures.

Discover what defines a cybercriminal, their methods, motivations, and how understanding their profile helps strengthen your cybersecurity strategy.

Discover the UK's evolving cybersecurity landscape for 2025, recent major attacks, changing regulations, and how organizations can build resilience through quantitative risk management.

Explore the link between finance and cybersecurity and how effective funding strengthens protection. Learn why financing is key to cybersecurity.

Learn how to implement an effective ISMS based on ISO/IEC 27001 to protect information assets, manage risks, and strengthen cybersecurity.

France faces sophisticated cyber threats in 2025. Learn about major breaches, regulatory changes, and security best practices to protect your organization.

Learn how emerging AI risks impact confidentiality, integrity, and availability. Gain insights into the business-centric FAIR-AIR approach to AI risk analysis.

Protect your business with essential cybersecurity best practices. Learn how to secure critical data, defend against threats, and stay resilient.

Strengthen your cloud security with key governance principles, essential controls and best practices to protect sensitive data and reduce risks.

Demonstrates that you have gained knowledge of the terminology, structure, and basic concepts of FAIR with the Open Group FAIR™ 2 Foundation Certification

CISO Markus Kaufmann, winner of Defense Magazine’s Top Global CISOs in the World, discusses data-driven cyber risk management, FAIR methodology, and the concept of "return on risk" in information security.

Discover how keyloggers, stealthy programs that record every keystroke, have become powerful tools for cybercriminals, enabling identity theft, corporate espionage, and large-scale network breaches.

Discover PCI DSS: Learn how PCI DSS compliance benefits your organization with enhanced data security and improved customer confidence.

Explore CISM certification: its importance in cybersecurity, career benefits, and how it integrates with other certifications like FAIR to enhance information security management skills and expertise.

In today's interconnected digital landscape, cyber awareness has become a critical competency for individuals and organizations alike. This comprehensive understanding of digital threats and safe online behaviors forms the foundation of modern cybersecurity defense strategies.

Discover how the MITRE ATT&CK framework helps organizations analyze and counter cyberattacks through a behavioral defense approach.

Explore key cybersecurity standards and frameworks for 2024, including ISO 27001, NIST CSF, and AI-specific guidelines. Learn their benefits beyond compliance.

Learn about the expanded scope of NIS 2 and the three pillars the Directive introduced for a safer, more resilient digital economy.

Validate your skills, gain a competitive edge, and explore career advancement opportunities in information systems auditing and security with a CISA certification.

Cyber professionals can benefit from cybersecurity certifications at any point in their career. Certifications lead to career advancement, salary increases and career fulfilment.

Learn about the evolution of ICS, the impact of cyber threats, and how CRQ can help identify the most effective critical controls to implement.

Discover the SEC's final rules on cybersecurity, governance, and disclosures. Learn how to improve disclosures with quantitative and qualitative methods.

The healthcare sector is a major target for cybercriminals. And with the rise in cyberattacks, strong health data protection strategies are critical.

Discover the core technologies driving Industry 4.0 and understand the operational cybersecurity challenges they bring.

Dive into the world of cloud security certification with C-Risk's CCSP guide. You will gain a high-level overview of the six domains of cloud computing, how to prepare for the CCSP exam and the opportunities that await a certified IT professional.

The CISSP is the gold standard for information security and cybersecurity professionals. Learn about its benefits, requirements, and how it boosts your career in information security.

The Cloud & Your Digital Assets: CRQ Methods for Risk Management

Explore the foundations information security, focusing on risk-based strategies to safeguard digital assets against cyber threats in the age of SaaS, IoT, and AI.

Cybersecurity and information security risk management empowers organizations to make defensible decisions and build cyber resilience.

Explore common cyberattack examples and learn key strategies businesses can use to protect against threats, minimize risks, and safeguard sensitive data.

Discover what is cybersecurity governance and how and why you should implement cybersecurity governance

How to apply the traditional crisis management procedure to a cyber attack? What specificities should you consider? What are the tools at your disposal?

Discover how “The “Sunburst” supply chain attack impacted hundreds of businesses, and remains one of the most sophisticated and widespread cyberattacks.

Follow this 4-step method based on financial quantification of risk to reduce your exposure to ransomware losses by measuring the financial impact of an incident.

Explore the key strategies to optimize cybersecurity spending while addressing emerging threats

Curious how to manage cyber risk in a Merger and Acquisition context? Quantification provides data-driven insights and helps in decison-making.

The HAZOP method applies to the analysis of cyber risks of the industrial company. A guide to advantages, disadvantages and approaches applied to IT.

Learn everything you need to know about the international standard ISO 27005. Official definition, summary, methodology, advantages, and limitations.

Learn how cyber risk quantification helps prioritize security efforts, align with business goals, and optimize resource allocation for better resilience.

Business Continuity Plan (BCP): what do you need to know? How to prepare for cyberattacks and ensure the resilience of your company?

Learn how to effectively manage crisis communication after a cyberattack. Gain key strategies, target messaging, and steps to protect your brand.

Understand your financial exposure to cyber risks such as cyber crime, give your business a head start when negotiating cyber insurance cover against cyber incidents.

Discover the FMEA method's qualitative approach to identifying and assessing risks and how it can be used for a unique approach to cyber risk mapping.

Learn best practices for creating a crisis response team to handle cyberattacks, from essential roles and benefits to key steps in team organization.

By improving the security of sensitive information, ISO 27001 contributes to your cybersecurity strategy. Definition, operation and benefits.

What is risk mapping? What methods should you follow to make it useful? Whom should you involve in the process? How can you adapt it to cyber risks?

Being compliant with GDPR and having efficient data protection policy is a tricky challenge that can be overcome with Cyber Risk Quantification (CRQ).

How is the FAIR™️ methodology different from other cyber risk analysis methods? What is its governing principle? How can you benefit from this standard?

MITM cyberattack: What Is It? How does it work ? How can you easily prevent it?

Corporate phishing attempts are becoming more and more sophisticated, threatening the integrity of sensitive data. Here is all you need to know to make sure you are well protected!

Cyber risk management means looking into the different definitions of risk as well as the resulting management methods.

Gain a comprehensive overview of the various approaches to cyber risk analysis and discover the benefits of a quantitative approach using the FAIR framework.

Quantification of controls effectiveness : what impact on risk decisions improvement ? Answers in the webinaire.

A DDoS attack will disrupt web traffic and make services unavailable. Learn how they work and how to protect your digital assets, services and operations.

Is the NIST Cybersecurity Framework good at analyzing, preventing, and recovering from cyber a cyber incident? How can you use this method? Is it enough to protect your structure?

Learn all you need to know about malicious software to perfect your cyber security.

Learn all you need to know to set up a disaster recovery plan and to ensure it in the event of a computer failure or a cyberattack.

Ransomware poses the biggest cyber threat to businesses in 2021. How does it work? How to protect yourself from it?

Secure your company's investments: innovative solutions to manage cyber risks and protect your business.

How to factor IT security controls in the context of cyber risk quantification? Watch discussion of experts from C-Risk and RiskLens in a 50 minutes webinar

C-Risk, the European expert in cyber risk quantification using FAIR™ announces the launch of its cyber risk quantification training program.