The cyber threat landscape is constantly changing, and organisations need to stay current with the dynamism of their internal and external environment. One important aspect is to be agile in cybersecurity policymaking (CSPM) to identify signals, devise proper policies, and mitigate risks. However, the literature in this aspect is still understudied, and this paper strives to fill this gap by investigating the notion of agility in cybersecurity policymaking and identifying its antecedents. The paper investigates the importance of agility as a means to counter emerging threats, contributing actionable insights and best practices to the ongoing discourse on cybersecurity policymaking. The findings emphasise the vital role of agility in pursuing cyber resilience and encourage policymakers and stakeholders to embrace this principle. Ultimately, this study deepens the understanding of the agile policymaking process and introduces asset management, vulnerability management, cyber risk management, and robust awareness processes as the antecedents of CSPM agility. The findings can provide insights for both the theory and practice of IS research by introducing the concept of agility in CSPM and identifying its antecedents.