Cybersecurity, Podcasts, Risk CRMG Podcast: Managing Cyber Risk While Growing an Online Business

The emergence and rapid growth of online retail is a great example of how businesses can move most of their operations online. Even businesses that don’t sell their products or services online are now benefiting...

Read more…
Cybersecurity, Risk Cyber Risk: Don’t lose sight of the information

The construction industry is notorious for its reliance on complex supply chains. Entire ecosystems of partners and suppliers collaborate to produce the urban landscapes of tomorrow...

Read more…
Cybersecurity, Podcasts, Risk CRMG Podcast: Remote Working and the New Cybersecurity Threat Landscape

Since the outbreak of COVID-19, there has been a period of major transition and organisations have had to quickly adapt to weather the storm. Many have managed to remain operational...

Read more…
Risk Cyber Risk in M&A: the importance of transparency

A key principle that organisations must adopt when responding to a cyber attack is transparency. There are plenty of cautionary tales...

Read more…
Risk, Third Party Assurance CRMG’s Team Account of the Corona Pandemic – May 1

As a senior member of the CRMG Management Team, I thought it might be useful to share my own perspective on effective strategies for managing the effects of the current lockdown...

Read more…
Risk Virtual Private Network (VPN) – Key threats & security considerations

In the wake of the COVID-19 pandemic, many organisations find themselves scrambling to meet the sudden spike in Virtual Private Network (VPN) traffic, as most employees are now working from home....

Read more…
Risk Cyber Risk Management – Top Hints & Tips

Embarking on a risk-based approach in cybersecurity is a significant undertaking. However, we at CRMG believe it is the right approach to take in order to protect your organisation, your clients, and your employees...

Read more…
Cybersecurity, Risk Staying Safe in Cyberspace While Working from Home

With offices and schools now closed to non-essential workers, most of us are now operating remotely from our homes, often using personally-owned computers and laptops. We’re also relying on online services...

Read more…
Cybersecurity, Risk Basic Cybersecurity Hygiene: 5 inalienable truths

At CRMG we don’t have an aversion to the array of highly impressive products and services that compete for the modern CISO’s budget. As an example, the role that artificial intelligence (AI) can play in speeding up an organisation’s targeted...

Read more…
Cybersecurity Strategy, Risk The Do’s and Don’ts of Building a Cybersecurity Programme

Do you have a security programme that needs beefing up? Or are you involved in a startup that’s still in the planning stages of information and cybersecurity? Either way, it may not be clear what is needed and where to start...

Read more…
Cybersecurity, Risk Why Ransomware Isn’t Going Away Anytime Soon

2019 was an extremely successful year for ransomware, rife with attacks and many high-profile victims. Of all the cyber threats, ransomware was proven to be the most devastating. In the UK, it was reported by the government’s Cyber Security Breach Survey...

Read more…
Cybersecurity, Risk SOC it to Them – But make sure the fundamentals are in place first

Many organisations are cottoning on to the benefits of a Security Operations Center (SOC) when it comes to achieving effective enterprise-wide systems monitoring, incident detection and response...

Read more…
Executive Management, Risk How to Get Business Managers On-side with Information Security and Cyber-risk

One of the biggest challenges facing cybersecurity staff is dealing with the misconceptions held by senior managers within an organisation. Many business managers have a misguided picture of information security and the possible consequences...

Read more…
Cybersecurity, Risk What Can CISO’s do to Mitigate Security Risks Posed by Third Party Suppliers?

In today’s hyper-connected digital age, it’s not unusual for medium to large-sized companies to have hundreds, or even thousands, of third-party suppliers. This can range from product suppliers, to billing processors, to cloud providers, and a variety of different services...

Read more…
Risk Why Cloud Risk Will Raise Business Risk in 2020

Going into 2020, businesses are expected to continue the transition from on-premise to cloud.  Many are increasingly adopting a cloud-first strategy, where if possible, they will run their services on a cloud platform vs keeping them in a data center.  And why not? The benefits of moving to the cloud are enormous and the list is long...

Read more…
Podcasts, Risk CRMG Podcast: How to Manage Third Party Risk When you Have Thousands of Suppliers

Not so long ago, the idea of outsourcing critical business functions or IT systems to a third party supplier would have been off limits for many organisations because of the level of risk involved. However today, the use of third party suppliers has increased exponentially...

Read more…
Risk Risk in Retail: Staying on the right side of the headlines

In the last 30 years, the risk landscape has transformed significantly for retailers. Think back to the early 1980s.  There was no internet then. Every retailer had only on-site equipment, some of which would be in their own data centers or in a rack in a small room in their office buildings...

Read more…
Podcasts, Risk CRMG Podcast: A Pragmatic Approach to Defining your Threat Profile

Organisations are facing new types of advanced persistent threat scenarios that current risk management programmes cannot defend against. To effectively counter threats, business leaders must have a...

Read more…
Risk How to Make Sense of Risk Management in Cybersecurity? Tip: Avoid gut instinct

You can't avoid risk management. It's just as fundamental to our business as it is to our lives. From checking an email address before sending sensitive documents, to looking left and right before crossing a road...

Read more…
Executive Management, Risk The Challenges in Assessing Third-Party Cybersecurity Risk – A case study

Imagine this scenario: A CISO leading a cyber security department receives an urgent request from a senior executive.  The senior executive is getting ready to close a big deal with a third party...

Read more…
Critical Asset Protection, Risk How Can You Protect What You Don’t Know You Have?

On more than one occasion, I have stood before senior management and posed the question “what are your information assets?” – and in each case, they didn’t know...

Read more…