Become a member

New CRI Updates Reflect Profile’s Ability to Adapt

Profile version 1.2.1 incorporates guidance to help both the government and financial institutions achieve key objectives. Washington, D.C.–The Cyber Risk Institute (CRI) is pleased to announce new and important updates to the growing body of work related to the Profile. The CRI Profile connects key cybersecurity control principles to guidance from government agencies and can … Continued

CRI Launches Two New Programs to Support the Financial Sector Ecosystem

CRI’s Affiliate Program will increase access to the Profile in the marketplace, and CRI’s Innovator Program will grow the CRI ecosystem. Washington, D.C.–November 17, 2022. ​The Cyber Risk Institute (CRI) announced today two key programs to meet the growing demand for the CRI Profile* in the financial sector ecosystem. These new programs will offer companies … Continued

CRI Announces Completion of Cloud Profile Extension

Financial Sector and Cloud Security Providers Complete Initiative To Enhance Cybersecurity A joint trade initiative identifies roles and responsibilities between firms and cloud security providers, establishing a mutually beneficial framework for cybersecurity. Washington, D.C.—The Cyber Risk Institute (CRI), the Cloud Security Alliance (CSA), and the Bank Policy Institute-BITS announced today the release of a cloud … Continued

CRI Announces Exciting New Initiative

Axio Joins with Cyber Risk Institute to Deliver Cybersecurity Resilience to Financial Services Institutions Across the Globe New York, NY and Washington, DC — February 2, 2022 — Axio, a leading SaaS provider of cyber risk management and quantification solutions, today announced a new joint initiative with the Cyber Risk Institute (CRI), a non-profit coalition … Continued

CRI Releases Major Update – Version 1.2 – to Financial Services Cyber Security Profile

Version 1.2 dramatically expands the reach of the Profile, incorporating key international cyber expectations for the financial institutions. Today, December 14, 2021, the Cyber Risk Institute (CRI) released Version 1.2 of the Profile: The CRI Profile is a widely accepted cyber security regulatory compliance framework. This release is the largest update to the Profile … Continued

CRI Reflects on White House Cyber Summit

With the announcement of the commitments to improve cybersecurity by the participants of the 8/25 meeting at the White House, CRI appreciates President Biden’s determination to improve the overall cybersecurity of our nation and especially that of our critical infrastructure.  There is a shared responsibility between owners and operators of critical infrastructure, and the government … Continued

CRI Profile Designated Major Cybersecurity Initiative in Europe by Leading EU Cybersecurity Regulator

Washington, D.C. – Today, the European Union Agency for Cybersecurity (referred to by its original acronym, ENISA) recognized the Cyber Risk Institute Financial Services Cybersecurity Profile (the Profile) in a new report published to outline major cybersecurity initiatives that could benefit financial services participants as they navigate the EU cybersecurity landscape. The report describes the … Continued

CRI Submits Letter To FRB, FDIC and OCC in Response To the Profile’s Inclusion in Joint Agency Report on Operational Resilience

Yesterday, the Cyber Risk Institute (CRI) sent a letter to the Federal Reserve Board (FRB), the Federal Deposit Insurance Corporation (FDIC) and the Office of the Comptroller of the Currency (OCC) that acknowledged the inclusion of the CRI Cybersecurity Profile[1] within a report on operational resilience issued jointly by the three agencies. In this letter, CRI … Continued