The blog about cybersecurity andwhat surrounds it

The “Sunburst” supply chain attack impacted hundreds of businesses, and remains one of the most sophisticated and widespread cyberattacks.

Risk is inherent to the enterprise world but difficult to assess and measure

Corporate phishing attempts are becoming more and more sophisticated, threatening the integrity of sensitive data. Here is all you need to know to make sure you are well protected!

Business Continuity Plan (BCP): what do you need to know? How to prepare for cyberattacks and ensure the resilience of your company?

For a lot of industries, Business Continuity (BCP) and Disaster Recovery (DR) is a requirement; however, a lot of the time the programs are minimalistic in nature.

The Open Group FAIR Certification for People program is aimed at meeting the needs of risk analysts and organizations employing risk analysts.

How to apply the traditional crisis management procedure to a cyber attack? What specificities should you consider? What are the tools at your disposal?

How to prepare your crisis communication in the event of a cyberattack? Communication cycle, targets, messages: the complete guide.

What definition for cyber risk? Which digital risk analysis methodology should you choose to efficiently protect your IT?

Procedures you should follow to create a crisis response team to anticipate and respond to cyberattacks

Cyber attacks are malicious attempts to harm the targeting audience. Find out how to protect your business against cybercrime in 2021.

DDoS attacks, or "Distributed Denial-of-Service" attacks, paralyze their victim sites. Understand how they work to protect yourself.

By enhancing data protection, the ISO 27001 standard contributes to your cybersecurity strategy. What is it? How does it work? What are the benefits?

Malware is a cyber attack that exercises unauthorized and harmful actions on your device or system. Learn about malicious software to perfect your cyber security.

MITM cyberattack: What Is It? How does it work ? How can you easily prevent it?

What is the IT DRP? How to set it up to ensure disaster recovery in the event of a computer failure or a cyberattack?

Ransomware poses the biggest cyber threat to businesses in 2021. How does it work? How to protect yourself from it?

Being compliant with GDPR and having efficient data protection policy is a tricky challenge that can be overcome with Cyber Risk Quantification (CRQ).

What is risk mapping? What methods should you follow to make it useful? Whom should you involve in the process? How to adapt it to cyber risks?

The more business partners an extended enterprise has, the greater the need to think about third-party cybersecurity risk management.

Cyber risk management means looking into the different definitions of risk as well as the resulting management methods.

Everything you need to know about the international standard ISO 27005: Official definition, summary, methodology, advantages and limitations.

The HAZOP method applies to the analysis of cyber risks of the industrial company. A guide to advantages, disadvantages and approaches applied to IT.

The FMEA method is qualitative. It is useful in order to draw up a mapping of cyber risks, based on subjective ordinal and nominal scales. Justifying and prioritising corrective actions is far more effective when done through a quantitative analysis.

Is the NIST Cybersecurity Framework any good to analyse, prevent and recover from cyber risk? How can you use this method? Is it enough to protect your structure?

C-Risk, the European leader in cyber risk quantification using FAIR™ announces the launch of its cyber risk quantification training program.

What is cybersecurity governance? How and why should I implement cybersecurity governance?

What is the EBIOS cyber risk analysis method? Which structures can make use of it? What are its benefits and drawbacks?

How is the FAIR methodology different from other cyber risk analysis methods? What is its governing principle? How can you benefit from this standard?

FAIR is an analytical risk model, whereas most information security risk methodologies in use today are Capability Maturity Models (CMM) or checklists.

Paris, September 30th - C-Risk, has added Normshield’s innovative cyber risk rating and quantification platform to its suite of offerings.

Paris, October 5th - C-Risk, has signed a partnership agreement with RiskLens, provider of the only enterprise-grade SaaS platform for CRQ using the FAIR standard.

The current COVID-19 context is putting enormous pressure on companywide budgets including information security.

Paris, February 2nd 2022 - C-Risk and EGERIE partner to enable cyber risk quantification in financial terms