Articles and White Papers

July 2019:  Disruptive Delivery Methods In Penetration Testing

For some time, CREST has been looking into the impact of disruptive delivery methods on penetration testing services.  In particular, CREST has been trying to understand the implications that these methods have on the buying communities, existing suppliers of services, individuals delivering services and legal and regulatory requirements in a balanced, considered and collaborative way.

You can download a paper that describes this in more detail here:  Disruptive Delivery Methods In Penetration Testing

We would welcome your comments;  please send them to [email protected].

February 2019:  Cybercriminals get better at marketing
CREST discusses what Chief Information Officers (CIOs) can learn from cybercriminals when it comes to mitigating risk and how Chief Marketing Officers (CMOs) can pick up some marketing tips.  

July 2018: Connected and Autonomous Vehicles Report

The autonomous vehicle industry has shown interest in understanding how vehicles can be resilient to cyber­ attack, but this interest has not been translated into practical advice, agreed standards, or funding for research. This paper aims to highlight the broad issues and offer

solutions to the industry. Discussions around security in the industry have been primarily concerned with access control to the vehicle, authentication and data management as manufacturers are waiting for the technology to become more prevalent before addressing cyber security. However, this will ultimately cost more and result in more vulnerabilities than building resilient systems from the beginning.

Download the report here: Connected and Autonomous Vehicles Report