Join the C-Risk teamC-Risk

Ready to take charge of your own career? At C-Risk, everyone is an active player in the company's strategy, in their own professional development, and in the development of their expertise dedicated to our clients' cybersecurity.

Our vision: to become the market referencein cyber quantification

In the fight against cybercrime, we intervene upstream, in cyber risk management and governance. We rely on our expertise in risk quantification to provide our clients with a business vision and a financial assessment. We treat cyber risks just like a board of directors would treat any corporate risk. Through our support, company managers have become aware of the business impact that cyber risk can have. This helps them factor in business challenges in order to make better decisions regarding information security and data protection.

Our ambition is to become a leader and trusted advisor in cyber quantification by providing our clients with the solutions that best suit their needs.

To continue C-Risk's growth, we are developing new offers that capitalise on our technical skills to serve more companies in risk management and cybersecurity governance. We plan on recruiting several dozen people over the next three years.

Our history

C-Risk was founded by Christophe Foret and Tom Callaghan. They met when they were working at Dell, as they assisted large companies with their digital transition and the transfer of services to the cloud. Tom led this practice of about forty people from London.
October 2016
Tom and Christophe noticed that discussions about security and IT risks between business and IT experts were difficult. C-Risk was then created to address those communication issues.
September 2017
Creation of the Paris branch of the FAIR Institute to promote the FAIR™ standard and its methodology in Europe. Since then, we have been developing partnerships with quantification professionals.
Service Launch
April 2019: launch of quantification training with FAIR™ (it was later Datadock-certified in 2020 and then Qualiopi-certified in 2021). January 2020: launch of CRQ (Cyber Risk Quantification) offers and signing of the first European contracts, which marked the beginning of C-Risk's strong growth.
CULTURE

Our state of mind

At C-Risk, governance is participatory: when it comes to defining the company’s strategy, everyone contributes. Our organisation is not compartmentalised, each and every individual point of view is taken into account. This allows us to be dynamic and to grow by adapting our offer to our clients’ needs. By carrying out a wide range of assignments, our employees develop multiple skills. For example, you will develop your persuasion skills, your teaching skills, and your ability to summarise information by making presentations to our clients' general managers. You will continuously learn in order to keep up to date with cutting edge technologies.

Our culture is based on effort and results, which means that we value our employees’ potential and abilities. Everyone is encouraged to use and apply their skills.

Our goal is to lead our clients to success and to offer them long term support. To achieve this, we always keep in mind the added value that we deliver through our support. We seek innovation only if it appears to be relevant.

This search for relevance is what led us to the FAIR™ standard, as it is the answer to the communication difficulties between business and IT teams: it establishes a common language, it makes cyber risk issues understandable to non-technical people and it explains how to set priorities in the face of the multiple cybersecurity solutions available.

The C-Risk values

Value above all

We believe that value is key, that it is what drives us. First, we aim to bring value to our clients by seeking the most relevant solutions and striving for excellence every step of the way. Value also needs to be brought internally as everyone in the company is evaluated on their contribution to the company and their colleagues.

Candour

At C-Risk, authenticity is paramount. Everyone is welcome to express their ideas. One of our principles is that relevance has nothing to do with seniority, experience, or rank. As Christophe would put it, "quality does not wait a certain number of years". This is why our management style is collaborative and agile.

Commitment

Our commitment is a consequence of our positioning and of our business vision. On the business side, we are committed to delivering the best service to our clients in order to secure their digital assets. Internally, we value mutual support and collaborative work. We are here for each other.

Open-mindedness

We are driven by curiosity, creativity, and a desire to provide the best innovative solutions. We keep up with the latest developments in cybersecurity by keeping an open mind. Open-mindedness also shows in the way our company operates and in the fact that we have developed a multicultural environment.
negociation

Do you share C-Risk's culture and values?

Do you share this need to deliver significant value, this sense of commitment, this open-mindedness? Do you value authenticity?

We can do great things together!

See our job openings

The C-Risk team

C-Risk is above all a team of cybersecurity enthusiasts who place their expertise in information security at the service of their clients.

Christophe FORET

Christophe is one of the co-founders of C-Risk.

He is currently in charge of customer support, he works on the FAIR™ standard in Europe, and he takes leadership on matters regarding C-Risk's management.

Tom CALLAGHAN

Tom is one of the co-founders of C-Risk. Prior to creating C-Risk, Tom led a practice of about 40 people at Dell on digital transformation issues. Tom is in charge of delivery and of the technical aspects of the operation. He also provides support to our clients.

Lydie AUBERT

Lydie joined C-Risk in 2016 after several spent in Canada. Now she operates from Nantes; she is in charge of marketing and is also involved in the development of C-Risk (recruitment, business processes). She has worked in various sectors: show production, software, energy efficiency.

Lydie LAOUENAN

Lydie joined C-Risk in 2020 and she is responsible for financial and administrative management. Before taking on this daunting task, Lydie worked in the subsidiary of an Italian group and as a freelancer for VSEs and SMEs. Lydie has also taught taxation and HR courses to 2nd and 3rd year MBA students at INSEEC (a French Business School).

Gerard CARROLL

Gerry joined C-Risk in January 2022 as a Cyber Security Consultant focusing on Cyber Risk Quantification and Cyber Security Governance.

He has CISSP certification and has worked in IT for over 10 years across various industries.

Cybersecurity consulting

At C-Risk, a cybersecurity consultant never works alone. This is how we can share best practices in cyber risk management and continuously help each other improve our skills, all for the benefit of our clients.
Preparation phase
We research information about our client, their sector of activity, etc. We analyse their request, set up a methodology and determine how many risks need to be assessed.
Kick off
We present the project to our client: how many weeks of support we have planned for, who needs to be interviewed, which method is going to be implemented, examples of deliverables, etc.
Project implementation
We collect data on the client's market, we study the company to determine its value chain and its main assets, we choose which scenarios to test, then we quantify the risks, and finally, we make recommendations to the client.

These assignments couldbecome yours

One of our latest assignments took place at the headquarters of a large international firm of 80,000 people. Our goal was twofold: Demonstrate that we could identify and quantify the main cyber risks within just a few weeks. Define the nature and estimate the amounts of the losses our client might be confronted with in our crisis event scenarios, in order to support their negotiations on cyber insurance coverage and excess. The application cases of quantification are numerous and always differ depending on the sector of activity, the geography, the size and the maturity of the client’s organisation. This makes our services very rewarding and always diverse.

Join the team
Cyber Risk Quantification expert