MetricStream and C-Risk Partner to Accelerate the Adoption and Value of Cyber Risk Quantification

PARIS, October 31, 2022 - MetricStream, the global market leader in integrated risk management (IRM) and governance, risk, and compliance (GRC), and C-Risk, a leading international authority in cyber risk quantification (CRQ), today announced a partnership to jointly offer MetricStream’s CyberGRC and C-Risk’s CRQ enablement and training services to customers. The combination of MetricStream’s CyberGRC that includes advanced CRQ and Simulation, and C-Risk’s enablement services will enable faster time to value and help operationalise CRQ initiatives for organisations.

Cyber risk management has become a critical business issue for companies of all sizes and industries. However, decisions concerning insurance, controls to be implemented, investments in IT and security projects, tools, and resources are often made without understanding the plethora of risks that exists in each scenario and how a proposed solution can reduce those risks in monetary terms. CRQ, in particular the Factor Analysis of Information Risk™ (FAIR™) standard, allows modelling of risk scenarios and quantification of the financial impact using statistical and probabilistic techniques.

"Cyber risk quantification is a decision support tool that helps organisations present risk in financial terms to general management, justify and prioritise cyber security budgets as well as optimise a company's cyber insurance. It is the obvious next step in the GRC program of any organisation wanting to improve its cyber security governance,” said Christophe Forêt, President of C-Risk.

“CISO’s and cyber leaders across industries are looking to prioritise and address their cyber risks, as well as drive maximum ROI from their cyber investments,” said Raghuram Srinivas, Senior Vice President, Product Management, MetricStream. “We are excited to partner with C-Risk to accelerate the value of MetricStream’s CRQ capabilities with targeted FAIR™ training and enablement.”

C-Risk will also be presenting at the MetricStream GRC Summit. Join us on November 8 and 9 in London for the 10th Annual GRC Summit, Experience the Power of Connection

About C-Risk:

C-Risk provides solutions to quantify information security and technology risk in financial terms. We help organisations understand information risk in business terms, decide how to prioritize investments to improve cyber resilience and information security compliance.

Recognized internationally for its expertise in cyber risk quantification (CRQ), C-Risk offers training on the FAIR™️ methodology, CRQ as a Service as well as Cyber Risk Quantification Enablement Services to help organization build their internal risk quantification capabilities and improve their overall information security governance.

For more information www.c-risk.com, LinkedIn, and Twitter.

About MetricStream

MetricStream is the global SaaS leader of Integrated Risk Management and GRC solutions that empower organizations to thrive on risk by accelerating growth via risk-aware decisions. We connect governance, risk management and compliance across the extended enterprise. Our ConnectedGRC and three product lines – BusinessGRC, CyberGRC, and ESGRC – are based on a single, scalable platform that supports you wherever you are on your GRC journey.

MetricStream is headquartered in San Jose, California, with an operations and R&D center in Bangalore, India, and sales and operations support around the globe. More information is available at www.metricstream.com, LinkedIn, Facebook and Twitter.