Financial services and insurance companies are attractive targets for cyber crime, and consequently are subject to stringent regulation. Maintaining a risk-based approach to cyber security, so that it is tuned to respond to react to key cyber threats while also fully compliant with relevant legislation, is no small undertaking.

At CRMG we’ve worked with major names in the sector to achieve just that. From producing a harmonised compliance approach that accommodates PSD2, ISO 27002, NIST 800-53, or regional standards like the New York State
Financial Services Directive; to implementing comprehensive ongoing risk assessments for critical systems — we’ve got you covered.

Retail organisations face multiple pressures from outside and within. From shielding online shopping portals from denial-of-service attacks so that they stay up and running 24/7, to protecting customers’ personal information and payment data, businesses in the sector face a range of cyber security challenges.

And with tight margins comes increased pressure on security budgets, so every penny or cent has to be spent to maximum effect.

At CRMG we’ll help you achieve an effective cyber security capability that aligns with best practice, addresses the cyber risks most relevant to your operations to optimise budgets, and meets key compliance requirements such as PCI/DSS.

Manufacturing and pharmaceuticals businesses face multiple challenges in the cyber world. Legacy manufacturing systems that were never intended to be connected to the Internet can expose key facilities and networks to unexpected threats from cyber attackers.

At the same time, protecting all-important intellectual property and, in the case of medical trials, highly sensitive personal information, means data privacy is paramount.

At CRMG we use a highly structured approach to help you assess the cyber risks faced by your manufacturing systems and implement proportionate protective measures, ensuring that your commercial and personal data stays confidential.

Oil and gas businesses are a natural target for opportunistic attackers who wish to extort them for financial gain, as well as nation-state actors seeking to disrupt the energy distribution infrastructures of competing countries.

While the industry has developed effective approaches to physical safety and risk management over many years, cyber risk is too often seen as the ‘poor relation’. As such, these businesses require highly tuned, integrated approaches to cyber security that address multiple cyber threats whilst also satisfying stringent regulatory requirements.

At CRMG we’ll help you extend the best practices developed in the world of health and safety risk to include and enhance cyber risk management — for example, producing an integrated risk framework that accommodates both IEC 62443 and effective cyber risk techniques.

Professional services firms have traditionally focused on delivering services to their clients with a tendency to neglect their own cyber security arrangements. Delivering rapid, innovative, and effective solutions to clients is key, but that can often involve a few cut corners here and there, with little appreciation for cyber risk along the way.

The need to mature cyber security practices is pressing, as firms servicing high-profile clients necessarily become attractive targets for cyber crime themselves.

At CRMG we’ll work with you to identify the cyber risks you face in client-facing and internal scenarios, and help you refine your cyber security arrangements accordingly. At the same time, we’ll support you in instilling inherently secure behaviour into your consulting base.

The travel industry has seen some high profile cyber breaches in recent years. From the global airline that fell foul of the Information Commissioner (UK) when customer data found its way onto the dark web, to the data breach that resulted from the merger of two major international hotel chains, the damage caused by cyber attacks is significant. At the same time, the industry is facing unprecedented budgetary pressures.

At CRMG we’ll help you identify the critical systems that are most likely to cause business damage if compromised. We’ll work with you to implement an efficient approach to protect them in a way that optimises tight budgets, while complying with legal and regulatory demands.