C-Risk is dedicated to sharing quality insights with our readers. Our blog articles explore a range of topics with a focus on Cyber Risk Quantification, cybersecurity, and technology in business.
SEC final rules: cybersecurity in focus
Discover the SEC's final rules on cybersecurity, governance, and disclosures. Learn how to improve disclosures with quantitative and qualitative methods.
Eliza Davies
Protecting health data: challenges and solutions in cybersecurity
The healthcare sector is a major target for cybercriminals. And with the rise in cyberattacks, strong health data protection strategies are critical.
Melissa Parsons
DORA: mitigating ICT risks and strengthening digital resilience
Gain insights into the EU's Digital Operational Resilience Act: its implications for financial entities, challenges for compliance and achieving digital operational resilience.
Industry 4.0: the challenges of industrial cybersecurity
Discover the core technologies driving Industry 4.0 and understand the operational cybersecurity challenges they bring.
CCSP: Mastering cybersecurity in the cloud
Dive into the world of cloud security certification with C-Risk's CCSP guide. You will gain a high-level overview of the six domains of cloud computing, how to prepare for the CCSP exam and the opportunities that await a certified IT professional.
CISSP: An in-demand certification for cybersecurity professionals
The CISSP is the gold standard for information security and cybersecurity professionals. Learn about its benefits, requirements, and how it boosts your career in information security.
Is Cloud Computing a Risk?
The Cloud & Your Digital Assets: CRQ Methods for Risk Management
Christophe Forêt
Fundamentals of Information Security: Risk as a Foundation of Cybersecurity
Explore the foundations of information security, focusing on risk-based strategies to safeguard digital assets against cyber threats in the age of SaaS, IoT, and AI.
Cybersecurity in 2023: mitigating risk with good governance
Cybersecurity and information security risk management empowers organizations to make defensible decisions and build cyber resilience.
Cyber attacks: how to identify them and protect yourself effectively?
Cyberattacks are malicious attempts to harm a defined target. Find out how to protect your business against cybercrime in 2022.
Lydie Aubert
Cybersecurity governance best practices: the complete guide
What is cybersecurity governance? How and why should I implement cybersecurity governance?
What should your crisis management process be for a cyberattack?
How to apply the traditional crisis management procedure to a cyber attack? What specificities should you consider? What are the tools at your disposal?
The Sunburst supply chain attack explained
Discover how the “Sunburst” supply chain attack impacted hundreds of businesses and why it remains one of the most sophisticated and widespread cyberattacks.
Financial quantification - Ransomware losses
Follow this 4-step method based on financial quantification of risk to reduce your exposure to ransomware losses by gauging the true financial impact of an incident.
Grégoire Paillas
CISO Budget Challenge
The current COVID-19 context is putting enormous pressure on companywide budgets including information security.
Quantifying controls efficiency for M&A
How to manage cyber risk in a Merger and Acquisition context? Watch a discussion between experts from C-Risk and RiskLens in a 45-minute webinar.
Is HAZOP applicable to cybersecurity?
The HAZOP method applies to the analysis of cyber risks of the industrial company. A guide to advantages, disadvantages and approaches applied to IT.
A guide to the EBIOS methodology: definition, procedure, limitations
What is the EBIOS cyber risk analysis method? Which structures can make use of it? What are its benefits and drawbacks?
Léa Goichon
ISO 27005: everything you need to know if you are considering implementing it
Everything you need to know about the international standard ISO 27005. Official definition, summary, methodology, advantages, and limitations.
Risk Quantification
For a lot of industries, Business Continuity (BCP) and Disaster Recovery (DR) are a requirement; however, a lot of the time the programs are minimalistic in nature.
Business continuity plan BCP: planning and preparing for a cyberattack
Business Continuity Plan (BCP): what do you need to know? How to prepare for cyberattacks and ensure the resilience of your company?
How to manage crisis communication after a cyber attack
How to prepare your crisis communication in the event of a cyberattack. From the communication cycle to priority targets and messages: the complete guide.
Examining the Complexities of Cyber Risk Insurance
Understand your financial exposure to cyber risks such as cyber crime, and give your business a head start when negotiating cyber insurance cover against cyber incidents.
Is FMEA suitable for cyber risk analysis?
The FMEA method is qualitative. It is useful in order to draw up a mapping of cyber risks, based on subjective ordinal and nominal scales. Justifying and prioritising corrective actions is far more effective when done through a quantitative analysis.
How to set up a crisis response team after a cyberattack?
Procedures you should follow to create a crisis response team to anticipate and respond to cyberattacks.