Developing an effective cybersecurity policy is a fundamental stepping stone when creating a comprehensive cybersecurity plan. Like any other corporate policy, they are a roadmap that defines what is in scope and establishes the baseline for ‘good’ cybersecurity practices. A key challenge for leaders, however, is getting key stakeholder input. Traditional policies are often written in silos – in ways that are not clear to the audience they are meant to influence. Stakeholder contributions and their understanding of the language and purpose of the policy/s is an essential phase when implementing cybersecurity processes and awareness. Without them, it will not influence the business. In this podcast, Nick Frost, Co-Founder and Director at CRMG, is joined by Simon Lacey, Principal Consultant at CRMG. Together they discuss the following: • The lifecycle of a cybersecurity policy • The questions you should ask when creating or reviewing existing policies • Who you should get involved (stakeholders) within the organisation and the language to use to engage the business • Language and crafting – translating cybersecurity requirements to those who aren’t in cybersecurity For more information visit www.crmg-consult.com.