Cyber security in practice.
Right first time.

Cyber Security Strategy

A realistic, risk-based strategy is fundamental to any organisation’s cyber security capability. Via our Cyber Security Programme Accelerator, we’ll work with you to shape a cyber security strategy that sets the right tone from the top and turns your cyber security programme into a genuine business enabler.

Cyber Security Policy & Standards

Straightforward, easy-to-follow policies and standards provide the common language and guidance by which an organisation can convert its cyber security strategy into consistent reality.

We’ll work closely with you to produce a cyber security policy that sets out in detail exactly what is expected of the business, whilst aligning with your organisational culture and appetite for risk.

Cyber Security Assurance and ISO 27001 Certification

We’ll help you identify the right assessment framework for you — ISO 27001, the NIST Cyber Security Framework or any other recognised standard — and then undertake a gap assessment that produces helpful insights and sensible recommendations for gradual improvement.

If full ISO 27001 certification is right for you, we’ll guide you through the process, working with our certification partner to ensure everything goes smoothly. Where necessary, we can also support your internal/external audit team to implement an ongoing cyber assurance & audit programme.

Cyber Exercises

CRMG will build a realistic cyber threat scenario to which key staff will be asked to respond in real-time in a ‘war game’ setting, stress-testing your organisation’s cyber resilience.

The aim is to assess management’s ability to invoke the business continuity and crisis management mechanisms you’ll already have developed, and to make rational decisions on the fly that minimise adverse impact.

Once completed we’ll provide a full review, flagging areas for remediation that can be integrated into your improvement plans.

Data Protection Support

Protection of personal data about individuals — whether customers, suppliers, partners or staff — is not something you can risk getting wrong.

Our data protection experts will help you identify which data protection and privacy-related regulations (such as GDPR) apply in your organisation and assess how well they are currently being met.

We’ll then deliver an improvement plan that maps out each step you need to take to achieve ongoing compliance.

Staff Placements ‘as a service’

Finding the right individual to lead a new or evolving cyber security programme isn’t easy. They’ll need to hold their own with senior management, but also be able to grapple with the details of a risk-based cyber security programme.

CRMG can provide the right people at the right time, on an ‘as a service’ basis.

Our vast operational experience and diverse industry contacts mean we can deliver experienced, qualified, senior cyber security professionals who can hit the ground running.

Staff Training

We’re experts in training and knowledge transfer. Once we’ve worked with you to develop or improve your cyber security programme, we can also equip your staff to deliver and maintain it into the future.

Example programmes include: