C-Risk & Normshield

Paris, September 30th - C-Risk, a leading European consulting firm specialized in cyber risk quantification (CRQ) using the FAIR™ standard, has added Normshield’s innovative cyber risk rating and quantification platform to its suite of offerings.
Christophe ForetChristophe Foret
Published on 28 May 2021 (Updated on 6 July 2021)

Our partnership

C-Risk and Normshield partner to provide cybersecurity rating, compliance assessment and cyber risk quantification services to European organizations and their 3 rd party vendors.

C-Risk provides CRQ consulting and managed services which help companies understand information risk in business terms and prioritize the corresponding security investments to improve cyber resilience. Using the Normshield platform, C-Risk’s managed services now include cybersecurity scoring and compliance assessments in addition to the financial quantification of cyber risk. As a part of this new partnership C-Risk has become a Normshield reseller for companies in the European market.

We chose Normshield because it uniquely combines technical security scoring and compliance assessments with an automated, FAIR™ based financial quantification of cyber risk scenarios

Tom Callaghan, C-Risk co-founder.

The cybersecurity industry has moved to adopt cyber risk quantification and the use of the FAIR standard in enterprise risk management programs. Using Normshield, CRQ with FAIR™ can now be combined with technical cyber scoring and compliance measurement for more effective and actionable 3rd party risk assessments.

C-Risk carefully picks the best open standard solutions” indicates Christophe Forêt, CRisk co-founder and CEO. “Normshield makes cyber scoring simple, more accurate yet scalable and affordable. Our clients can now get their cybersecurity score, their compliance level for ISO27001, GDPR, PCI-DSS,… and the probable future financial impact of a data breach. This allows them to better prioritize cyber security investments

About C-Risk

C-Risk is a leading European consulting firm which provides cyber risk quantification training, consulting and managed services to improve companies’ information security governance and cyber resilience. Using cyber risk financial quantification, we enable better decisions in security investments, third party cyber risk management and improved regulatory compliance.

Find out more at

About Normshield

Normshield is a leader in the Security Rating Services market. The NormShield platform provides accurate, quantitative, and continuously updated data to assess and monitor the cyber risk posture of any organization and its 3 rd parties. NormShield is the only platform combining cyber security ratings, compliance controls, and probable financial loss. NormShield’s 3D Vendor Risk @ Scale platform simplifies the arduous process of assessing hundreds to thousands of third parties.

More informations :

About OpenFAIR™

The Factor Analysis of Information Risk Standard (FAIR™) is the only international standard for the quantification of cyber and operational risk in financial terms. The Paris chapter of the FAIR Institute is sponsored and managed by C-Risk.

Find out more at