Developing an effective cybersecurity policy is a fundamental stepping stone when creating a comprehensive cybersecurity plan. Like any other corporate policy, they are a roadmap that defines what is in scope and establishes the baseline for ‘good’ cybersecurity practices.
A key challenge for leaders, however, is getting key stakeholder input. Traditional policies are often written in silos – in ways that are not clear to the audience they are meant to influence. Stakeholder contributions and their understanding of the language and purpose of the policy/s is an essential phase when implementing cybersecurity processes and awareness. Without them, it will not influence the business.
In this podcast, Nick Frost, Co-Founder and Director at CRMG, is joined by Simon Lacey, Principal Consultant at CRMG. Together they discuss the following:
- The lifecycle of a cybersecurity policy
- The questions you should ask when creating or reviewing existing policies
- Who you should get involved (stakeholders) within the organisation and the language to use to engage the business
- Language and crafting – translating cybersecurity requirements to those who aren’t in cybersecurity
The speakers

Nick Frost Simon Lacey
Director Principal Consultant
If you would like our team to discuss a topic or address a certain challenge, please contact us at info@crmg-consult.com.
For more information on cybersecurity policies, contact us to speak to an expert.
Related Articles
04.02.2021. Governance
Cybersecurity in the Wake of Amey: Keeping yourself out of the headlines
The recent ransomware attack on Amey rattled nerves in the construction industry. Amey’s response to the breach was seemingly responsible, but when all is said and done...
Read more…
13.11.2020. Cybersecurity, Podcasts
Neurodiversity and Cybersecurity – Untapping a superpower
When you think about cybersecurity, you generally don’t tend to think about people, and you certainly don’t think about the neurodiversity of people. The profession has been battling a skills gap...
Read more…
01.10.2020. Cybersecurity, Podcasts
CRMG Podcast: How to Fast-Track Your Cybersecurity Journey with a No-Nonsense Gap Assessment
For most organisations, particularly those that are small to mid-size, budget and resources for cybersecurity may not be sufficient to effectively protect their organisation...
Read more…