CRMG Podcast: Why Cyber Security Policy is Still King

Developing an effective cyber security policy is a fundamental stepping stone when creating a comprehensive cyber security plan. Like any other corporate policy, they are a roadmap that defines what is in scope and establishes the baseline for ‘good’ cyber security practices.

A key challenge for leaders, however, is getting key stakeholder input. Traditional policies are often written in silos – in ways that are not clear to the audience they are meant to influence. Stakeholder contributions and their understanding of the language and purpose of the policy/s is an essential phase when implementing cyber security processes and awareness. Without them, it will not influence the business.

In this podcast, Nick Frost, Co-Founder and Director at CRMG, is joined by Simon Lacey, Principal Consultant at CRMG. Together they discuss the following:
  • The lifecycle of a cyber security policy
  • The questions you should ask when creating or reviewing existing policies
  • Who you should get involved (stakeholders) within the organisation and the language to use to engage the business
  • Language and crafting – translating cyber security requirements to those who aren’t in cyber security

The speakers

Nick Frost                             Simon Lacey                     
Director                                  Principal Consultant

If you would like our team to discuss a topic or address a certain challenge, please contact us at

For more information on cyber security policies, contact us to speak to an expert.