C-Risk

🔒 Meet a C-Risk Cyber Security and Risk expert: Yassir Yassir joined C-Risk in 2023 as a cyber security and risk consultant with more than 10 years of IS and Security auditing experience in the aviation, medical technology, financial services, and technology industries. 👉He evaluates security environments to identify risks and performs data-driven risk assessments. Yassir previously worked as an IT auditor for a BIG 4, as a senior technology risk consultant and as a senior information management internal auditor in the medical and aviation sectors. 💡Yassir is known at C-Risk for his curious mind and being a fast learner. He is passionate about data analysis. Yassir is certified in Open FAIR, CISA and ISO 27001 Lead Auditor, and received a Masters from Neoma Business School in Rouen.  Yassir is an active member of ISACA and the FAIR Institute. In his free time, Yassir is preparing for his private pilot's license and enjoys travelling.

📌There are many ways to talk about risk. Risk is sometimes defined as the possibility of something bad happening, the effect of uncertainty on objectives, and the possibility of loss. 👉When discussing information and technology risk, C-Risk has chosen to use the FAIR standard definition of risk: the probable frequency and probable magnitude of future loss. Defining a risk using the FAIR definition is one of the key concepts Neil MacGowan and Sarah Atiah discuss in the latest C-Risk's webinar on C-Risk's CRQ training. ✅Watch the replay: https://bit.ly/3wLtYBf ✅Register for an upcoming CRQ training session: https://lnkd.in/eBcx8v97

🔒 Meet a C-Risk Cyber Security and Risk expert: Inga Ignat Inga joined C-Risk in 2024 as a Cyber Security and Risk Management Consultant. She has more than eight years of experience in cybersecurity. Inga is highly motivated and target-oriented, with extensive knowledge and hands-on experience in IT and cybersecurity governance, risk management and compliance, Third-Party Risk Management, and Information Security Controls. 🎓Inga holds a master's degree in Information Security and is certified ISO/IEC 27001 Senior Lead Auditor, Information Security Manager (CISM) and Open FAIR2. She has a strong background in ISMS implementation and assessment across industries such as financial, insurance, health, and digital infrastructure, in both public and private sectors, including operators of essential services. Inga is an important contributor to the C-Risk knowledge base. 📚

You could be missing critical insights by relying on point-in-time risk assessments for your Third-Party Risk Management, leaving your organization vulnerable to third-party risk. Third-party questionnaires are manual, subjective, and time-intensive processes. They can leave you with an incomplete or, worse, inaccurate understanding of your third-party risk landscape. Effective Third-Party Cyber Risk Management should be: 👉 data-driven: providing objective, measurable risk insights  👉 agile: enabling risk-based prioritization of controls 👉 continuous: driving effective business decisions   At C-Risk, we provide data-driven third-party cyber risk management solutions, including the SAFE One CRQ platform and the TPRM module. 📌To learn more about SAFE One CRQ platform👉 https://lnkd.in/e9aWUgK6

🔒 Meet a C-Risk Cyber Security and Risk expert: Sarah! Sarah joined C-Risk in 2023 as a Cyber Security and Risk Management Consultant. She is skilled in risk management, incident management and cyber awareness. She has more than 7 years of experience working in information security and risk management. Her optimistic outlook provides a new perspective in the field. After working in qualitative risk assessment, she decided to upgrade her skills and focus on the cyber risk quantification. Sarah is recognized for: ✅ research and analysis methods  ✅ communication skills Sarah is a huge asset to the C-Risk team and has hosted several webinars sharing her insights on Cyber Risk Quantification! 🎓📚 Sarah earned a Masters in Information Technology System Management from Mines-Telecom Institute and is also certified in Open Fair, ISO 27001 (Lead Auditor) and ISO 27005 (Risk Manager)  In her free time, Sarah enjoys vegetarian cuisine, gardening, animals, and travel 🐕🌱 👉Sarah regularly participates in cybersecurity and risk management conferences. 

If you have thousands of third-party vendors, how do you manage your third-party risk? Re-thinking Third-Party Risk Management in a way that is data-driven, risk-based, agile and continuous is key to effective third-party cyber risk management. At the 2024 FAIR Institute Europe Summit, Meena Martin presented key areas where TPRM needs to be addressed. Meena also shared what she is doing at GSK to improve the organization's TPRM. 👉 Watch the replay: https://lnkd.in/gR79_EJW At C-Risk, we offer comprehensive, data-driven third-party cyber risk management solutions that integrate open standards such as FAIR, NIST CSF, and MITRE ATT&CK with Safe One CRQ platform and the Third-Party Risk module. 👉 Schedule a demo: https://lnkd.in/ghXDcnJ3

Do you know which third-party control is the most valuable to your cybersecurity strategy? Increased investment in new controls doesn't automatically translate to improved risk reduction. Without proper measurement and monitoring, even sophisticated controls may not be cost-effective or deliver the expected risk reduction as threats evolve. TPRM that includes Cyber Risk Quantification using FAIR-CAM (FAIR Controls Analytics Model), an extension of the FAIR™ framework, makes it possible to measure: 📌 How controls affect the frequency and magnitude of loss events 📌 Where controls are most effective within your value chains 📌 Which controls will best protect your critical assets   👉 C-Risk offers comprehensive, data-driven third-party cyber risk management solutions that integrate open standards such as FAIR, NIST CSF and MITRE ATT&CK. Our approach ensures that your cybersecurity investments deliver measurable risk reduction and maintain their efficacy over time. Schedule a call with us to discover how our data-driven approach can enhance your third-party risk management: https://lnkd.in/ghXDcnJ3

Logique, répétable et justifiable, l'analyse quantitative des risques basée sur la méthodologie FAIR permet d'exprimer le risque cyber en termes financiers. 👉Pour comprendre les bases de la méthodologie FAIR ou la mettre en pratique et en tirer des bénéfices, formez-vous aux côtés de Grégoire P. : ✅ Formation de 4h pour les non-praticiens Repartez avec les outils essentiels pour comprendre la méthode FAIR, les méthodes d'analyses qualitatives et quantitatives ou encore les chaînes de pertes ✅ Formation de 14h pour les praticiens Apprenez à modéliser un scénario de risque et à fournir des estimations calibrées, mettez en pratique une analyse de risque quantitative et comprenez les cas d'usages de la CRQ Modalités et dates de formation disponibles : https://lnkd.in/e3qwna47 Prenez rendez-vous directement auprès de Grégoire P., training manager : https://lnkd.in/eaMM5m6q

🔒 Meet a C-Risk Cyber Security and Risk expert: Gerry! Gerard Carroll joined C-Risk in 2022 and is now our Delivery Manager. He has proven his expertise in information security and risk management. With over 10 years of experience in key roles related to IT and information security, Gerry plays a crucial role in the success of our projects, ensuring management and delivery that meet the highest standards. His impressive background in consulting and project management is distinguished by a particular focus on business continuity, GRC, and cyber risk quantification. Gerry is recognized for: ✅ his ability to solve complex problems  ✅ his keen sense of organization ✅ his communication skills Gerry is a huge asset to the team. He is always leveling up his skills and participating in top-tier conferences such as those organized by ISACA. 🎓📚  He holds a master's degree in commerce, including professional certifications – Open FAIR, ITIL, and CISSP. He also has a passion for sports, particularly rugby and golf. 🏈⛳️ 👉You can meet Gerry at the Cyber Ireland conference on September 26th in Dublin!

Were you unable to attend our latest webinar on Cyber Risk Quantification risk assessments? 🎙️ You can register to watch the replay. The webinar address some of the challenges of qualitative risk assessments: - People don't want to take a position - The Interviewee has biases - It's hard to find the right person to answer the question Sarah Atiah, a C-Risk Cyber Security and Risk Management Consultant, shares her insights on the advantages of quantitative risk assessments. Replay available: https://bit.ly/3wLtYBf