Cyber Security in Practice. Right First Time

Tailored support to help you take control of your cyber security programme.

Introducing our Cyber Security Programme Support services.

CRMG can help you implement and maintain the building blocks of your risk-based cyber security programme via a range of tailored support services. Our focus is on helping you ensure your cyber security governance arrangements reflect your true risk profile, while being actionable and achievable. We’ll put together a custom support package that matches your specific needs, ensuring maximum value for money.

Cyber Security Strategy.

A realistic, risk-based strategy is fundamental to any organisation’s cyber security capability. Via our Cyber Security Programme Accelerator, we’ll work with you to shape a cyber security strategy that sets the right tone from the top and turns your cyber security programme into a genuine business enabler.

Cyber Security Policy & Standards.

Straightforward, easy-to-follow policies and standards provide the common language and guidance by which an organisation can convert its cyber security strategy into consistent reality.

We’ll work closely with you to produce a cyber security policy that sets out in detail exactly what is expected of the business, whilst aligning with your organisational culture and appetite for risk.

Cyber Security Assurance and ISO 27001 Certification

We’ll help you identify the right assessment framework for you — ISO 27001, the NIST Cyber Security Framework or any other recognised standard — and then undertake a gap assessment that produces helpful insights and sensible recommendations for gradual improvement.

If full ISO 27001 certification is right for you, we’ll guide you through the process, working with our certification partner to ensure everything goes smoothly. Where necessary, we can also support your internal/external audit team to implement an ongoing cyber assurance & audit programme.

Cyber Exercises.

CRMG will build a realistic cyber threat scenario to which key staff will be asked to respond in real-time in a ‘war game’ setting, stress-testing your organisation’s cyber resilience.

The aim is to assess management’s ability to invoke the business continuity and crisis management mechanisms you’ll already have developed, and to make rational decisions on the fly that minimise adverse impact.

Once completed we’ll provide a full review, flagging areas for remediation that can be integrated into your improvement plans.

Data Protection Support.

Protection of personal data about individuals — whether customers, suppliers, partners or staff — is not something you can risk getting wrong.

Our data protection experts will help you identify which data protection and privacy-related regulations (such as GDPR) apply in your organisation and assess how well they are currently being met.

We’ll then deliver an improvement plan that maps out each step you need to take to achieve ongoing compliance.

Staff Placements ‘as a service’.

Finding the right individual to lead a new or evolving cyber security programme isn’t easy. They’ll need to hold their own with senior management, but also be able to grapple with the details of a risk-based cyber security programme.

CRMG can provide the right people at the right time, on an ‘as a service’ basis.

Our vast operational experience and diverse industry contacts mean we can deliver experienced, qualified, senior cyber security professionals who can hit the ground running.

Staff Training.

We’re experts in training and knowledge transfer. Once we’ve worked with you to develop or improve your cyber security programme, we can also equip your staff to deliver and maintain it into the future.

Example programmes include:

  1. Information risk management fundamentals.
  2. Risk assessment in practice (including core elements such as Business Impact Assessment, Threat and Vulnerability Profiling and Risk Treatment).
  3. Translating security policy into practice.
  4. Ongoing cyber security controls assessment for audit teams.
  5. Managing information risk in supplier relationships.

 

    Book A Meeting.

    From Us To You.
    Explore Our Resources.

    VIEW RESOURCES

    Understanding the Fifth Chapter of DORA

    The Digital Operational Resilience Act (DORA), introduced by the European Union, is a critical piece of legislation designed to strengthen

    READ MORE

    Understanding the Fourth Chapter of DORA

    The fourth chapter of the Digital Operational Resilience Act (DORA) is designed to ensure that financial entities can withstand, respond

    READ MORE

    Understanding the Third Chapter of DORA

    As we continue with our analysis of the Digital Operational Resilience Act (DORA), Chapter 3 stands out as a pivotal

    READ MORE

    Meet Our Leadership Team.

    At CRMG, our senior leadership team brings a rich history and deep expertise in cyber security. Spearheaded by consultants who are influential figures in the industry, our leaders are highly networked and well-established, with backgrounds in the ‘Big- Four’ firms.

    LEARN MORE

    Simon Rycroft

    CO-FOUNDER AND CEO

    Former Head of Consulting at the ISF. On a journey to bring accessible risk management to growing enterprises.

    Nick Frost

    CO-FOUNDER AND CHIEF PRODUCT OFFICER

    Former Group Head of Information Risk, PwC. Motivated by the need to implement cyber risk principles for the real world!

    Dan Rycroft

    DELIVERY DIRECTOR

    Former Head of Delivery, Cyber Security at DXC. Delivers risk-based cyber security programmes with maximum efficiency.

    Matt Brett

    DELIVERY LEAD – CYBER RISK SOLUTIONS

    Former Portfolio Director, Tech Security & Risk, GSK. Specialises in implementing efficient, pragmatic cyber risk solutions.

    Martin Tully

    DELIVERY LEAD – GOVERNANCE AND COMPLIANCE

    Twenty years’ experience in delivering fit-for-purpose cyber governance initiatives.

    Louis Head

    CONSULTANT – GOVERNANCE AND COMPLIANCE

    An expert in everything ISMS-related, and how compliance works in practice.

    Guy Asch

    COMMERCIAL DIRECTOR

    A seasoned Commercial Director, driving P&L business leadership through innovative strategies.

    Ryan Hides

    DELIVERY LEAD – THIRD PARTY RISK MANAGEMENT

    Project Management and Six Sigma expertise. Specialises in turning effective third party risk management into a scalable reality.

    Sarrah Ahmed

    HEAD OF MARKETING

    Bringing over 17+ years of marketing expertise, passionate about crafting innovative marketing campaigns.


    [email protected]
    0203 811 8727
    Meet The Team
    Our Approach
    Our Heritage
    Our Locations
    Values & Ethos
    GRC Solutions
    Consultancy
    Compliance & Certification
    News
    Case Studies
    Contact
    Book A Demo
    Cookies
    Privacy Policy

    Proud To Partner With

    © Cyber Risk Management Limited. All Rights Reserved.