Cybersecurity, Information Risk Management 3 Simple Steps to Protect Yourself from Cyber Crime While Working from Home

Having been advised to work from home with offices and schools closing to non-essential workers - most of us are now operating remotely from our homes using home computers and laptops...

Read more…
Cybersecurity, Information Risk Management Basic Cybersecurity Hygiene: 5 inalienable truths

At CRMG we don’t have an aversion to the array of highly impressive products and services that compete for the modern CISO’s budget. As an example, the role that artificial intelligence (AI) can play in speeding up an organisation’s targeted...

Read more…
Cybersecurity Strategy, Information Risk Management The Do’s and Don’ts of Building a Cybersecurity Programme

Do you have a security programme that needs beefing up? Or are you involved in a startup that’s still in the planning stages of information and cybersecurity? Either way, it may not be clear what is needed and where to start...

Read more…
Cybersecurity, Information Risk Management Why Ransomware Isn’t Going Away Anytime Soon

2019 was an extremely successful year for ransomware, rife with attacks and many high-profile victims. Of all the cyber threats, ransomware was proven to be the most devastating. In the UK, it was reported by the government’s Cyber Security Breach Survey...

Read more…
Cybersecurity, Information Risk Management SOC it to Them – But make sure the fundamentals are in place first

Many organisations are cottoning on to the benefits of a Security Operations Center (SOC) when it comes to achieving effective enterprise-wide systems monitoring, incident detection and response...

Read more…
Executive Management, Information Risk Management How to Get Business Managers On-side with Information Security and Cyber-risk

One of the biggest challenges facing Cyber Security staff is dealing with the misconceptions held by senior managers within an organisation. Many business managers have a misguided picture of information security and the possible consequences...

Read more…
Cybersecurity, Information Risk Management What Can CISO’s do to Mitigate Security Risks Posed by Third Party Suppliers?

In today’s hyper-connected digital age, it’s not unusual for medium to large-sized companies to have hundreds, or even thousands, of third-party suppliers. This can range from product suppliers, to billing processors, to cloud providers, and a variety of different services...

Read more…
Information Risk Management Why Cloud Risk Will Raise Business Risk in 2020

Going into 2020, businesses are expected to continue the transition from on-premise to cloud.  Many are increasingly adopting a cloud-first strategy, where if possible, they will run their services on a cloud platform vs keeping them in a data center.  And why not? The benefits of moving to the cloud are enormous and the list is long...

Read more…
Information Risk Management, Podcasts CRMG Podcast: How to Manage Third Party Risk When you Have Thousands of Suppliers

Not so long ago, the idea of outsourcing critical business functions or IT systems to a third party supplier would have been off limits for many organisations because of the level of risk involved. However today, the use of third party suppliers has increased exponentially...

Read more…
Information Risk Management Risk in Retail: Staying on the right side of the headlines

In the last 30 years, the risk landscape has transformed significantly for retailers. Think back to the early 1980s.  There was no internet then. Every retailer had only on-site equipment, some of which would be in their own data centers or in a rack in a small room in their office buildings...

Read more…
Information Risk Management, Podcasts CRMG Podcast: A Pragmatic Approach to Defining your Threat Profile

Organisations are facing new types of advanced persistent threat scenarios that current risk management programmes cannot defend against. To effectively counter threats, business leaders must have a...

Read more…
Information Risk Management How to Make Sense of Risk Management in Cybersecurity? Tip: Avoid gut instinct

You can't avoid risk management. It's just as fundamental to our business as it is to our lives. From checking an email address before sending sensitive documents, to looking left and right before crossing a road...

Read more…
Executive Management, Information Risk Management The Challenges in Assessing Third-Party Cybersecurity Risk – A case study

Imagine this scenario: A CISO leading a cyber security department receives an urgent request from a senior executive.  The senior executive is getting ready to close a big deal with a third party...

Read more…