Buying & Building Cyber Services icon
Back
Accreditation Pathway & Membership icon
Back
Skills, Certifications & Careers icon
Back
News, Events & Research icon
Back
About Us icon
Back
Login to profile
Join Today Find a Supplier
Home  »  Research and Reports   »   Articles and White Papers

Articles and White Papers

October 2025: Threat-led Penetration Testing (TLPT) Under DORA: What Financial Institutions Need To Know

Financial institutions across the EU are facing new cybersecurity mandates under the Digital Operational Resilience Act (DORA). In this whitepaper, we’ll break down what TLPT entails as mandated by DORA, how it fits into broader operational resilience, why using accredited service providers (especially CREST-accredited firms) is so important, and the benefits of doing so.

Download the whitepaper here: Threat-led Penetration Testing (TLPT) Under DORA: What Financial Institutions Need To Know

October 2025: CREST Cybersecurity Incident Management Guide

The CREST Cybersecurity Incident Management Guide is designed to help organisations respond to and manage cyber incidents effectively. Produced by our Incident Response (IR) Focus Group, this document provides practical frameworks for detection, escalation, and recovery, along with quick-start checklists to guide initial actions when an incident occurs.

Updated to cover emerging threats such as AI manipulation, deepfake-enabled attacks, and supply chain compromises, the guide offers actionable advice for security leaders, IT teams, risk managers, and executives. By following its structured approach, organisations can minimise impact, manage crises with confidence, and strengthen their resilience against evolving cyber threats.

Download the complete guide here: CREST Cybersecurity Incident Management Guide

June 2025: Measuring Effectiveness and Return on Investment of a Managed SOC Service: Maximising SOAR in SOCs

Metrics, when employed in a Security Operations Centre (SOC), are vital for ensuring adherence to Service Level Agreements (SLAs) and for evaluating the effectiveness and efficiency of cybersecurity efforts.

They help in proving the value of investment in cybersecurity to customers and their stakeholders, and in identifying potential areas for improvement. Through analysing specific metrics, SOCs can optimise their operations, enhance security postures, and provide tangible evidence of their contribution to the organisation’s overall security strategy.

This White Paper discusses some of the metrics that can be used for these purposes.

You can download a paper that describes this in more detail here: Measuring Effectiveness and Return on Investment of a Managed SOC Service: Maximising SOAR in SOCs

August 2024: Maximising SOAR in SOCs

The Security Orchestration, Automation, and Response (SOAR) framework
revolutionises security operations by enabling teams to seamlessly
orchestrate, automate and respond to security incidents. In today’s
rapidly evolving threat landscape, SOAR technology also plays a pivotal
role in enhancing the efficiency and effectiveness of Security Operations
Centres (SOCs). This white paper delves into the significance of SOAR in
SOC environments, its benefits, challenges and strategies for successful
implementation.

You can download a paper that describes this in more detail here: Maximising SOAR in SOCs

June 2024: The SOC’s Biggest Pain: Asset Inventory

Amid a wide range of challenges encountered by these entities, one obstacle
persistently stands out: the effective management of asset inventory.

CREST’s Security Operations Centers (SOC) Focus Group is pleased to present its latest whitepaper: The SOC’s Biggest Pain: Asset Inventory.

July 2019:  Disruptive Delivery Methods In Penetration Testing

For some time, CREST has been looking into the impact of disruptive delivery methods on penetration testing services.  In particular, CREST has been trying to understand the implications that these methods have on the buying communities, existing suppliers of services, individuals delivering services and legal and regulatory requirements in a balanced, considered and collaborative way.

You can download a paper that describes this in more detail here: Disruptive Delivery Methods In Penetration Testing

February 2019:  Cybercriminals get better at marketing

CREST discusses what Chief Information Officers (CIOs) can learn from cybercriminals when it comes to mitigating risk and how Chief Marketing Officers (CMOs) can pick up some marketing tips.  

July 2018: Connected and Autonomous Vehicles Report

The autonomous vehicle industry has shown interest in understanding how vehicles can be resilient to cyber­ attack, but this interest has not been translated into practical advice, agreed standards, or funding for research. This paper aims to highlight the broad issues and offer

solutions to the industry. Discussions around security in the industry have been primarily concerned with access control to the vehicle, authentication and data management as manufacturers are waiting for the technology to become more prevalent before addressing cyber security. However, this will ultimately cost more and result in more vulnerabilities than building resilient systems from the beginning.

Download the report here: Connected and Autonomous Vehicles Report