Risk Map
What is risk mapping? What methods should you follow to make it useful? Whom should you involve in the process? How can you adapt it to cyber risks?
FAIR™️ methodology
How is the FAIR methodology different from other cyber risk analysis methods? What is its governing principle? How can you benefit from this standard?
Risk management
Cyber risk management means looking into the different definitions of risk as well as the resulting management methods.
Risk analysis
What definition for cyber risk? Which digital risk analysis methodology should you choose to efficiently protect your IT?
Sunburst attack
The “Sunburst” supply chain attack impacted hundreds of businesses, and remains one of the most sophisticated and widespread cyberattacks.
MITM
MITM cyberattack: What is it? How does it work? How can you easily prevent it?
Phishing
Corporate phishing attempts are becoming more and more sophisticated, threatening the integrity of sensitive data. Here is all you need to know to make sure you are well protected!
Ransomware
Ransomware poses the biggest cyber threat to businesses in 2021. How does it work? How to protect yourself from it?
Crisis management
How to apply the traditional crisis management procedure to a cyber attack? What specificities should you consider? What are the tools at your disposal?
DDOS attack
DDoS attacks, or "Distributed Denial-of-Service" attacks, paralyze their victim sites. Understand how they work to protect yourself.
Malware
Malware is a cyber attack that exercises unauthorized and harmful actions on your device or system. Learn about malicious software to perfect your cyber security.
Cyber attacks
Cyber attacks are malicious attempts to harm the targeted audience. Find out how to protect your business against cybercrime in 2021.
GDPR
Being compliant with GDPR and having an efficient data protection policy is a tricky challenge that can be overcome with Cyber Risk Quantification (CRQ).
ISO 27005
Everything you need to know about the international standard ISO 27005: Official definition, summary, methodology, advantages and limitations.
Disaster Recovery Plan (DRP)
What is the IT DRP? How do you set it up to ensure disaster recovery in the event of a computer failure or a cyberattack?
Third-Party Risk Management
The more business partners an extended enterprise has, the greater the need to think about third-party cybersecurity risk management.
NIST Cybersecurity Framework
Is the NIST Cybersecurity Framework good at analysing, preventing, and recovering from cyber risk? How can you use this method? Is it enough to protect your structure?
BCP
Business Continuity Plan (BCP): what do you need to know? How to prepare for cyberattacks and ensure the resilience of your company?
ISO 27001
By enhancing data protection, the ISO 27001 standard contributes to your cybersecurity strategy. What is it? How does it work? What are the benefits?
FAIR
Risk is inherent to the enterprise world but difficult to assess and measure
For a lot of industries, Business Continuity (BCP) and Disaster Recovery (DR) are a requirement; however, a lot of the time the programs are minimalistic in nature.
The Open Group FAIR Certification for People program is aimed at meeting the needs of risk analysts and organizations employing risk analysts.
Crisis communication
How to prepare your crisis communication in the event of a cyberattack? Communication cycle, targets, messages: the complete guide.
Crisis response team
Procedures you should follow to create a crisis response team to anticipate and respond to cyberattacks
HAZOP
The HAZOP method applies to the analysis of cyber risks in industrial companies. A guide to advantages, disadvantages and approaches applied to IT.
FMEA
The FMEA method is qualitative. It is useful in order to draw up a mapping of cyber risks, based on subjective ordinal and nominal scales. Justifying and prioritising corrective actions is far more effective when done through a quantitative analysis.
TRAINING
C-Risk, the European leader in cyber risk quantification using FAIR™, announces the launch of its cyber risk quantification training program.
Cybersecurity governance
What is cybersecurity governance? How and why should I implement cybersecurity governance?
EBIOS
What is the EBIOS cyber risk analysis method? Which structures can make use of it? What are its benefits and drawbacks?
FAIR is an analytical risk model, whereas most information security risk methodologies in use today are Capability Maturity Models (CMM) or checklists.
RSSI
The current COVID-19 context is putting enormous pressure on companywide budgets including information security.