Cybersecurity, Podcasts, Risk CRMG Podcast: Managing Cyber Risk While Growing an Online Business

The emergence and rapid growth of online retail is a great example of how businesses can move most of their operations online. Even businesses that don’t sell their products or services online are now benefiting...

Read more…
Cybersecurity, Risk Cyber Risk: Don’t lose sight of the information

The construction industry is notorious for its reliance on complex supply chains. Entire ecosystems of partners and suppliers collaborate to produce the urban landscapes of tomorrow...

Read more…
Podcasts, Privacy & Data Protection CRMG Podcast: Data Ownership – a critical step in cybersecurity

The pace and scale at which we create and share data is greater than ever before. With such an abundance of information, data ownership is a real challenge...

Read more…
Company News Dan Rycroft Joins the CRMG Team as Delivery Director

The Cyber Risk Management Group (CRMG) welcomes Dan Rycroft to the team as Delivery Director. Dan brings with him a wealth of experience from various IT Management and Cybersecurity management roles...

Read more…
Company News An Expert Interview with the former Information Security Policy Manager at Bank of England – Simon Lacey

We sat down with Simon Lacey, former Information Security Policy Manager at the Bank of England, and current Principal Consultant at CRMG. Simon is an expert...

Read more…
Cybersecurity, Podcasts, Risk CRMG Podcast: Remote Working and the New Cybersecurity Threat Landscape

Since the outbreak of COVID-19, there has been a period of major transition and organisations have had to quickly adapt to weather the storm. Many have managed to remain operational...

Read more…
Governance Creating Resilience: 5 things cyber-criminals wish your business didn’t talk about

We don't need to tell you that effectively reducing risk and increasing resilience requires a carefully constructed multi-faceted plan, and most importantly the support of your people...

Read more…
Risk Cyber Risk in M&A: the importance of transparency

A key principle that organisations must adopt when responding to a cyber attack is transparency. There are plenty of cautionary tales...

Read more…
Crisis Management, Information Risk Assessment Safeguarding Your Operations from Unexpected Events with a Business Continuity Plan

Much earlier in my career, I presented a seminar on the importance of business continuity. Perhaps it was naïve of me to expect the message to be greeted...

Read more…
Governance, Podcasts CRMG Podcast: Why Cybersecurity Policy is Still King

Developing an effective cybersecurity policy is a fundamental stepping stone when creating a comprehensive cybersecurity plan. Like any other corporate policy, they are a roadmap that defines what...

Read more…
Company News An Expert Interview with Former CTO, Skechers Europe – Todd Wade

We sat down with Todd Wade, seasoned CISO, former CTO at Skechers Europe, and Principal Consultant at CRMG...

Read more…
Company News CRMG’s Team Account of the Corona Pandemic – May 19

Thinking back to when the lockdown was announced on the 23rd March, it now feels surreal that my family and I have managed to make what was unusual circumstances, the norm...

Read more…
Compliance The Cybersecurity Starting Point: Assess your position to make informed decisions

In a recent article ‘Basic Cybersecurity Hygiene: 5 Inalienable Truths’ we highlighted the importance of strong baseline cybersecurity disciplines to any organisation, irrespective of size or maturity. In essence, we contended that...

Read more…
Risk, Third Party Assurance CRMG’s Team Account of the Corona Pandemic – May 1

As a senior member of the CRMG Management Team, I thought it might be useful to share my own perspective on effective strategies for managing the effects of the current lockdown...

Read more…
Risk Virtual Private Network (VPN) – Key threats & security considerations

In the wake of the COVID-19 pandemic, many organisations find themselves scrambling to meet the sudden spike in Virtual Private Network (VPN) traffic, as most employees are now working from home....

Read more…
Risk Cyber Risk Management – Top Hints & Tips

Embarking on a risk-based approach in cybersecurity is a significant undertaking. However, we at CRMG believe it is the right approach to take in order to protect your organisation, your clients, and your employees...

Read more…
Company News CRMG’s Team Account of the Corona Pandemic – April 9

When the pandemic started to hit South East Asia, there was a lot of mixed information being shared among different communities and the media. I currently live and work for CRMG in Bali, Indonesia – which is one of the world’s...

Read more…
Company News CRMG’s Team Account of the Corona Pandemic – April 6

With the COVID-19 outbreak in the UK, I was struck by a sense of anxiety, like many were. I was concerned about how this would impact my career, how my family would cope, whether we would become ill...

Read more…
Company News CRMG’s Team Account of the Corona Pandemic – March 31

It all got a little more serious after Boris’s latest announcement didn’t it?... but it probably just confirmed what we already knew was going to happen. I have to say the Prime Minister is looking exhausted...

Read more…
Cybersecurity, Risk Staying Safe in Cyberspace While Working from Home

With offices and schools now closed to non-essential workers, most of us are now operating remotely from our homes, often using personally-owned computers and laptops. We’re also relying on online services...

Read more…
Company News CRMG’s Team Account of the Corona Pandemic – March 26

When Nick Frost and I set up CRMG back at the beginning of 2018, I don’t think either of us would have imagined the business circumstances we now find ourselves in...

Read more…
Company News CRMG Coronavirus Company Announcement

We find ourselves in unchartered waters and an uncertain time with the Coronavirus (COVID-19) outbreak which is having a global reach and touching every one of us. Our businesses, our work life...

Read more…
Cybersecurity, Risk Basic Cybersecurity Hygiene: 5 inalienable truths

At CRMG we don’t have an aversion to the array of highly impressive products and services that compete for the modern CISO’s budget. As an example, the role that artificial intelligence (AI) can play in speeding up an organisation’s targeted...

Read more…
Company News CRMG’s Team Account of the Corona Pandemic – March 23

So, Boris has officially announced what we all predicted and that the schools are closed for the foreseeable future. 20 minutes after this announcement we received emails with the kids’ homework for the next 2 weeks...

Read more…
Company News CRMG’s Team Account on the Corona Pandemic – Thursday, March 19

This is a personal account from the CRMG team about our experiences managing and coping with the current Coronavirus pandemic. We are real people trying to get through this tough time, and we want to emphasise that we are here to support...

Read more…
Cybersecurity Strategy, Risk The Do’s and Don’ts of Building a Cybersecurity Programme

Do you have a security programme that needs beefing up? Or are you involved in a startup that’s still in the planning stages of information and cybersecurity? Either way, it may not be clear what is needed and where to start...

Read more…
Cybersecurity, Risk Why Ransomware Isn’t Going Away Anytime Soon

2019 was an extremely successful year for ransomware, rife with attacks and many high-profile victims. Of all the cyber threats, ransomware was proven to be the most devastating. In the UK, it was reported by the government’s Cyber Security Breach Survey...

Read more…
Cybersecurity, Risk SOC it to Them – But make sure the fundamentals are in place first

Many organisations are cottoning on to the benefits of a Security Operations Center (SOC) when it comes to achieving effective enterprise-wide systems monitoring, incident detection and response...

Read more…
Executive Management, Risk How to Get Business Managers On-side with Information Security and Cyber-risk

One of the biggest challenges facing cybersecurity staff is dealing with the misconceptions held by senior managers within an organisation. Many business managers have a misguided picture of information security and the possible consequences...

Read more…
Cybersecurity, Risk What Can CISO’s do to Mitigate Security Risks Posed by Third Party Suppliers?

In today’s hyper-connected digital age, it’s not unusual for medium to large-sized companies to have hundreds, or even thousands, of third-party suppliers. This can range from product suppliers, to billing processors, to cloud providers, and a variety of different services...

Read more…
Company News CRMG Become CIISec Corporate Members

CIISec are delighted to welcome Cyber Risk Management Group (CRMG) as Corporate Members. CRMG is a leading provider of cyber security and information risk consultancy services and training courses...

Read more…
Cybersecurity, Executive Management, Podcasts CRMG Podcast: Changing Senior Management’s Perception of Cybersecurity for the Better

We constantly hear “senior management ‘get it’” – but do they really? Senior management's awareness of information security and cyber threats is essential if security teams are to effectively mitigate against them...

Read more…
Cybersecurity Prioritising Cyber Threats in 2020: Factors for success

In 2020, increased digital innovation is going to expand the threat landscape drastically, with the acceleration of technologies such as 5G, cloud and Internet of Things (IoT). This will lead to increased data creation, sharing and storage at a pace that is difficult for security teams to keep up with...

Read more…
Executive Management, Podcasts Building a Business that Serves – Interview with Nick Frost

In this episode, I interview Nick Frost. Nick is the Co-Founder of CRMG and has been involved in Cyber Security for over 20 years. Prior to starting his own business, he has held leadership roles at PWC and other similar companies. He started his first company in 2015 and just started CRMG in 2018 with a colleague...

Read more…
Risk Why Cloud Risk Will Raise Business Risk in 2020

Going into 2020, businesses are expected to continue the transition from on-premise to cloud.  Many are increasingly adopting a cloud-first strategy, where if possible, they will run their services on a cloud platform vs keeping them in a data center.  And why not? The benefits of moving to the cloud are enormous and the list is long...

Read more…
Company News Neil Ackerley Joins the CRMG Team as Principal Consultant

The Cyber Risk Management Group (CRMG) welcomes Neil Ackerley to the team as Principal Consultant. Neil will be working across multiple services from information risk management and risk assessments, to cyber security governance and CISO staff placements...

Read more…
Podcasts, Risk CRMG Podcast: How to Manage Third Party Risk When you Have Thousands of Suppliers

Not so long ago, the idea of outsourcing critical business functions or IT systems to a third party supplier would have been off limits for many organisations because of the level of risk involved. However today, the use of third party suppliers has increased exponentially...

Read more…
Cybersecurity Resilience: It’s not just about the technology

‘Cyber resilience’ seems to be something of a buzz phrase right now, with social media and vendor  promotional material often mentioning the importance of resilience. Many conversations about resilience focus on the importance of strong, robust defences, however are robust and strong defences really signs of resilience?...

Read more…
Risk Risk in Retail: Staying on the right side of the headlines

In the last 30 years, the risk landscape has transformed significantly for retailers. Think back to the early 1980s.  There was no internet then. Every retailer had only on-site equipment, some of which would be in their own data centers or in a rack in a small room in their office buildings...

Read more…
Podcasts, Risk CRMG Podcast: A Pragmatic Approach to Defining your Threat Profile

Organisations are facing new types of advanced persistent threat scenarios that current risk management programmes cannot defend against. To effectively counter threats, business leaders must have a...

Read more…
Risk How to Make Sense of Risk Management in Cybersecurity? Tip: Avoid gut instinct

You can't avoid risk management. It's just as fundamental to our business as it is to our lives. From checking an email address before sending sensitive documents, to looking left and right before crossing a road...

Read more…
Governance Chernobyl and its Cyber Lessons – Part 2

HBO’s recent ‘Chernobyl’ series, which re-told the story of the nuclear accident that threatened much of Europe in 1986, made for compelling viewing. The accident was said to have helped prompt the fall of the Eastern block and bring about a fundamental shift in global politics....

Read more…
Governance Chernobyl and its Cyber Lessons – Part 1

HBO’s recent ‘Chernobyl’ series, which re-told the story of the nuclear accident that threatened much of Europe in 1986, made for compelling viewing. The accident was said to have helped prompt the fall of the Eastern block and bring about a fundamental shift in global politics...

Read more…
Executive Management, Risk The Challenges in Assessing Third-Party Cybersecurity Risk – A case study

Imagine this scenario: A CISO leading a cyber security department receives an urgent request from a senior executive.  The senior executive is getting ready to close a big deal with a third party...

Read more…
Executive Management, Governance Top Management and Cybersecurity – Sometimes you just need a better strategy

As a CISO, you’re likely to have put forward many plans to improve the security posture for the users of your organisation.  Much of the time, you get Executive sign off and roll out whatever initiative it might be...

Read more…
Critical Asset Protection, Risk How Can You Protect What You Don’t Know You Have?

On more than one occasion, I have stood before senior management and posed the question “what are your information assets?” – and in each case, they didn’t know...

Read more…
Executive Management, Governance Cyber Security: Often a case of ‘too much, too late’

We live in a new world where cybercrime is bigger business than the global drugs trade. Cybercriminals can be both targeted and indiscriminate. It’s a $2 trillion business. Worrying stuff.

Read more…