Vision for CRML
Cyber risk today is mostly documented in spreadsheets, PDFs, and slide decks β formats that are hard to version, automate, or integrate with tooling.
CRML (Cyber Risk Modeling Language) aims to represent cyber risk asΒ structured, machine-readable modelsΒ instead of documents. This allows risk scenarios to be version-controlled, generated by tools, and executed through simulations.
Over time, CRML can become theΒ default contract format for sharing risk informationΒ across organizations, industries, and nations β without exposing confidential internal data. And if things go really well, maybe evenΒ interplanetary or intergalactic systemsΒ too. π€
Tools likeΒ CRML CodeΒ exist to make this easier, allowing practitioners to generate and execute CRML models without needing to manually write the language.
The goal is simple: make cyber riskΒ something machines can understand and operate on, not just something humans write reports about.
Replies