CRF

Cybersecurity Risk Foundation

Expert Cybersecurity Insights to Combat Common Threats.

Cybersecurity practitioners all face the same challenges. There is no reason we should face them alone. The research published by the Cybersecurity Risk Foundation (CRF) is the culmination of decades of cybersecurity experience, consolidated into simple strategies to allow organizations to focus on implementing a solid cybersecurity strategy rather than designing it alone.

Governance & Risk

Resources for effective cybersecurity risk management and governance.

Threat Modeling

Frameworks to identify, analyze, and mitigate security threats.

Policies & Safeguards

Policy guides and Safeguards for comprehensive protection.

Audit & Assessment

Tools and Research for cybersecurity audits and assessments.

Welcome to the cybersecurity Risk Foundation

We offer comprehensive research and resources for cybersecurity professionals, including frameworks, policy guides, safeguards, and an online assessment tool to help manage and mitigate risks. Our solutions are designed to strengthen your cybersecurity posture and ensure robust protection for your digital assets.

Access cutting-edge tools and expert advice to tackle the complexities of cybersecurity. Join us to safeguard your organization against evolving threats and achieve compliance with industry standards.

screenshot of crf homepage

Our Research

The Business Case for Cybersecurity

An exploration of how prioritizing cybersecurity is essential for business continuity, competitive advantage, and building customer trust.

Governance & Risk Model

An overview of integrating cybersecurity governance and risk management to support business goals and compliance.

Threat Taxonomy

An in-depth classification of cybersecurity threats, providing an overview of potential risks and vulnerabilities in the digital landscape.

Maturity Model

A detailed framework for assessing an organization's cybersecurity maturity, ensuring alignment with strategic business goals.

Safeguards

Detailed insights into the protective measures and controls that organizations can use to secure their digital assets against cyber threats.

Audit Framework

A structured guide for enhancing an organization's cybersecurity measures through systematic audits and compliance checks.

SANS logo
IANS logo transparent
CRF shortened logo banner transparent
Red Canary logo transparent
Cyverity logo

Become a Member of the Community