All Cyber Risk Quantification (CRQ) and cybersecurity blog posts

risk management

Risk Map

How to create a cyber security risk map?

What is risk mapping? What methods should you follow to make it useful? Whom should you involve in the process? How can you adapt it to cyber risks?

Published on 3 December 2021 (Updated on 2 August 2022)
strategy

FAIR™️ methodology

FAIR™️ risk methodology: quantifying and managing cyber risk

How is the FAIR methodology different from other cyber risk analysis methods? What is its governing principle? How can you benefit from this standard?

Published on 14 February 2022 (Updated on 2 August 2022)
strategy

Risk management

Risk management: how to prevent cyberattacks?

Cyber risk management means looking into the different definitions of risk as well as the resulting management methods.

Published on 14 December 2021 (Updated on 1 August 2022)
strategy

Risk analysis

Our guide to performing a Risk Analysis

What is the definition of cyber risk? Which digital risk analysis methodology should you choose to efficiently protect your IT?

Published on 24 January 2022 (Updated on 1 August 2022)
strategy

Sunburst attack

Sunburst supply chain attack

The “Sunburst” supply chain attack impacted hundreds of businesses, and remains one of the most sophisticated and widespread cyberattacks.

Published on 27 June 2022 (Updated on 27 July 2022)
strategy

MITM

What is a Man-in-the-Middle Attack (MITM)? How can you protect your company against it?

MITM cyberattack: What is it? How does it work? How can you easily prevent it?

Published on 10 September 2021 (Updated on 27 July 2022)
cyber attack

Phishing

How to prevent and avoid phishing?

Corporate phishing attempts are becoming more and more sophisticated, threatening the integrity of sensitive data. Here is all you need to know to make sure you are well protected!

Published on 16 September 2021 (Updated on 27 July 2022)
cyber attack

Ransomware

Ransomware: Understanding and Protecting Yourself from Ransomware

Ransomware poses the biggest cyber threat to businesses in 2021. How does it work? How to protect yourself from it?

Published on 1 September 2021 (Updated on 27 July 2022)
strategy

Crisis management

Crisis management: how to effectively manage a cyber crisis?

How to apply the traditional crisis management procedure to a cyber attack? What specificities should you consider? What are the tools at your disposal?

Published on 9 August 2021 (Updated on 27 July 2022)
cyber attack

DDOS attack

How to protect yourself from a DDOS attack or Distributed Denial-of-Service attack?

DDoS attacks, or "Distributed Denial-of-Service" attacks, paralyze their victim sites. Understand how they work to protect yourself.

Published on 20 July 2021 (Updated on 27 July 2022)
strategy

Malware

Malware in 2021: understanding and limiting cyber risks

Malware is a cyber attack that exercises unauthorized and harmful actions on your device or system. Learn about malicious software to perfect your cyber security.

Published on 13 July 2021 (Updated on 27 July 2022)
cyber attack

Cyber attacks

Cyber attacks: how to identify them and protect yourself effectively?

Cyber attacks are malicious attempts to harm the targeted audience. Find out how to protect your business against cybercrime in 2021.

Published on 25 June 2021 (Updated on 27 July 2022)
standard

GDPR

GDPR compliance should impact your cybersecurity strategy

Being compliant with GDPR and having an efficient data protection policy is a tricky challenge that can be overcome with Cyber Risk Quantification (CRQ).

Published on 15 June 2021 (Updated on 26 July 2022)
strategy

ISO 27005

ISO 27005: everything you need to know if you are considering implementing it

Everything you need to know about the international standard ISO 27005: Official definition, summary, methodology, advantages and limitations.

Published on 3 March 2022 (Updated on 13 July 2022)
strategy

Disaster Recovery Plan (DRP)

IT DRP: how to plan recovery from a cyber crisis?

What is the IT DRP? How do you set it up to ensure disaster recovery in the event of a computer failure or a cyberattack?

Published on 27 July 2021 (Updated on 13 July 2022)
strategy

Third-Party Risk Management

Why is cybersecurity Third-Party Risk Management of paramount importance?

The more business partners an extended enterprise has, the greater the need is to think about third-party cybersecurity risk management.

Published on 24 March 2022 (Updated on 13 July 2022)
strategy

NIST Cybersecurity Framework

NIST Cybersecurity Framework: how to manage your cyber risks?

Is the NIST Cybersecurity Framework good at analysing, preventing, and recovering from cyber risk? How can you use this method? Is it enough to protect your structure?

Published on 31 January 2022 (Updated on 13 July 2022)
cyber attack

BCP

Business continuity plan: planning and preparing for a cyberattack

Business Continuity Plan (BCP): what do you need to know? How to prepare for cyberattacks and ensure the resilience of your company?

Published on 6 July 2021 (Updated on 12 July 2022)
quantification

ISO 27001

What is ISO 27001 and how does it benefit your cybersecurity strategy?

By enhancing data protection, the ISO 27001 standard contributes to your cybersecurity strategy. What is it? How does it work? What are the benefits?

Published on 29 June 2021 (Updated on 12 July 2022)
investment budget

FAIR

Company Investment

Risk is inherent to the enterprise world but difficult to assess and measure

Published on 28 May 2021 (Updated on 21 June 2022)
quantification
Risk Quantification

For a lot of industries, Business Continuity (BCP) and Disaster Recovery (DR) are a requirement; however, a lot of the time the programs are minimalistic in nature.

Published on 31 May 2021 (Updated on 17 June 2022)
fair institute
About Open FAIR Certification

The Open Group FAIR Certification for People program is aimed at meeting the needs of risk analysts and organizations employing risk analysts.

Published on 28 May 2021 (Updated on 17 June 2022)
strategy

Crisis communication

How to manage crisis communication after a cyberattack?

How to prepare your crisis communication in the event of a cyberattack? Communication cycle, targets, messages: the complete guide.

Published on 2 August 2021 (Updated on 17 June 2022)
strategy

crisis response team

How to set up a crisis response team after a cyberattack?

Procedures you should follow to create a crisis response team to anticipate and respond to cyberattacks

Published on 13 August 2021 (Updated on 17 June 2022)
cyber attack

HAZOP

Is HAZOP applicable to cybersecurity?

The HAZOP method applies to the analysis of cyber risks of the industrial company. A guide to advantages, disadvantages and approaches applied to IT.

Published on 9 December 2021 (Updated on 17 June 2022)
risk management

FMEA

Is FMEA suitable for cyber risk analysis?

The FMEA method is qualitative. It is useful in order to draw up a mapping of cyber risks, based on subjective ordinal and nominal scales. Justifying and prioritising corrective actions is far more effective when done through a quantitative analysis.

Published on 1 December 2021 (Updated on 17 June 2022)
calendar

TRAINING

Launch of C-Risk training

C-Risk, the European leader in cyber risk quantification using FAIR™, announces the launch of its cyber risk quantification training program.

Published on 28 May 2021 (Updated on 17 June 2022)
strategy

Cybersecurity governance

Cybersecurity governance best practices: the complete guide

What is cybersecurity governance? How and why should I implement cybersecurity governance?

Published on 13 April 2022 (Updated on 17 June 2022)
strategy

EBIOS

A guide to the EBIOS methodology: definition, procedure, limitations

What is the EBIOS cyber risk analysis method? Which structures can make use of it? What are its benefits and drawbacks?

Published on 16 May 2022 (Updated on 17 June 2022)
fair institute

FAIR

FAIR differences

FAIR is an analytical risk model, whereas most information security risk methodologies in use today are Capability Maturity Models (CMM) or checklists.

Published on 28 May 2021 (Updated on 17 June 2022)
investment budget

CISO

The CISO's budget challenge

The current COVID-19 context is putting enormous pressure on companywide budgets including information security.

Published on 28 May 2021 (Updated on 17 June 2022)