What is risk mapping? What methods should you follow to make it useful? Whom should you involve in the process? How can you adapt it to cyber risks?
How is the FAIR methodology different from other cyber risk analysis methods? What is its governing principle? How can you benefit from this standard?
Cyber risk management means looking into the different definitions of risk as well as the resulting management methods.
What definition for cyber risk? Which digital risk analysis methodology should you choose to efficiently protect your IT?
The “Sunburst” supply chain attack impacted hundreds of businesses, and remains one of the most sophisticated and widespread cyberattacks.
MITM cyberattack: What is it? How does it work? How can you easily prevent it?
Corporate phishing attempts are becoming more and more sophisticated, threatening the integrity of sensitive data. Here is all you need to know to make sure you are well protected!
Ransomware poses the biggest cyber threat to businesses in 2021. How does it work? How to protect yourself from it?
How to apply the traditional crisis management procedure to a cyber attack? What specificities should you consider? What are the tools at your disposal?
DDoS attacks, or "Distributed Denial-of-Service" attacks, paralyze their victim sites. Understand how they work to protect yourself.
Malware is a cyber attack that performs unauthorized and harmful actions on your device or system. Learn about malicious software to perfect your cyber security.
Cyber attacks are malicious attempts to harm the targeted audience. Find out how to protect your business against cybercrime in 2021.
Being compliant with GDPR and having an efficient data protection policy is a tricky challenge that can be overcome with Cyber Risk Quantification (CRQ).
Everything you need to know about the international standard ISO 27005: Official definition, summary, methodology, advantages and limitations.
Disaster Recovery Plan (DRP)
What is the IT DRP? How do you set it up to ensure disaster recovery in the event of a computer failure or a cyberattack?
Third-Party Risk Management
The more business partners an extended enterprise has, the greater the need is to think about third-party cybersecurity risk management.
NIST Cybersecurity Framework
Is the NIST Cybersecurity Framework good at analysing, preventing, and recovering from cyber risk? How can you use this method? Is it enough to protect your structure?
Business Continuity Plan (BCP): what do you need to know? How to prepare for cyberattacks and ensure the resilience of your company?
By enhancing data protection, the ISO 27001 standard contributes to your cybersecurity strategy. What is it? How does it work? What are the benefits?
Risk is inherent to the enterprise world but difficult to assess and measure.
For a lot of industries, Business Continuity (BCP) and Disaster Recovery (DR) are a requirement; however, a lot of the time the programs are minimalistic in nature.
The Open Group FAIR Certification for People program is aimed at meeting the needs of risk analysts and organizations employing risk analysts.
How to prepare your crisis communication in the event of a cyberattack? Communication cycle, targets, messages: the complete guide.
Crisis response team
Procedures you should follow to create a crisis response team to anticipate and respond to cyberattacks.
The HAZOP method applies to the analysis of an industrial company's cyber risks. A guide to advantages, disadvantages and approaches applied to IT.
The FMEA method is qualitative. It is useful in order to draw up a mapping of cyber risks, based on subjective ordinal and nominal scales. Justifying and prioritising corrective actions is far more effective when done through a quantitative analysis.
C-Risk, the European leader in cyber risk quantification using FAIR™, announces the launch of its cyber risk quantification training program.
What is cybersecurity governance? How and why should I implement cybersecurity governance?
What is the EBIOS cyber risk analysis method? Which structures can make use of it? What are its benefits and drawbacks?
FAIR is an analytical risk model, whereas most information security risk methodologies in use today are Capability Maturity Models (CMM) or checklists.
The current COVID-19 context is putting enormous pressure on company-wide budgets, including information security.