Login to profile

CREST and The Cyber Scheme collaborate in Security Testing pilot

12 January 2023

The UK Cyber Security Council has announced that CREST and The Cyber Scheme will collaborate in a new pilot scheme for Security Testing, creating the first opportunity for cyber professionals to become chartered practitioners in the specialism.

CREST, the international not-for-profit membership body for the cyber security industry, and The Cyber Scheme, a training assessment provider for the cyber industry, will engage with their membership/sponsors and growing community of qualified individuals to develop ways to assess applications against the Council’s professional standards for the Security Testing specialism.

The launch of the Security Testing pilot forms part of the Council’s work to introduce a universally recognised professional standard across the cyber industry. Ultimately, the professional standard will allow practitioners to achieve recognition at either Associate, Principal or Chartered level across 16 specialisms.

It is an opportunity for the industry to rethink the qualifications and career landscape, as well as raise the professional status of cyber security in line with other established professions, such as accountancy, engineering and law.

Professional recognition offers significant career benefits for those working in cyber security, or who hope to do so in the future, including:

Nick Benson, Chief Executive Officer of CREST, said: “CREST are delighted to be collaborating with both the Council and The Cyber Scheme to further define and mature the standards underpinning cyber skills and competence. 

“This work will be leading the way internationally in establishing a baseline for generations to come as to what being a cyber professional means. We know that this means listening, collaborating and learning, something all parties are committed to so that the sector really benefits from this innovation.” 

Charles White, Chief Executive Officer of The Cyber Scheme, said: “This is an important development in the professionalisation of our industry; creating alignment with other chartered entities clearly signals that the cyber security profession has come of age. 

“We’re pleased to be working with the Council and CREST to ensure consistency in what we are trying to achieve, and that the needs of our sponsors and the buying community are aligned and proportionate to the advancement of the cyber security industry. We are keen to use our own creativity to design assessments to meet these challenges”.

The Council was awarded Royal Chartered status by the Privy Council, making it the only body that can charter individuals to award the status of ‘Chartered Cyber Security Professional’.

Currently, several cyber security qualifications, certifications and degrees exist without any uniform equivalency or defined pathway linking them.

Pilot schemes will test the introduction of a universally recognised professional standard for the three levels. (ISC)² and The Chartered Institute of Information Security (CIISec) are engaged in another pilot focused on the Cyber Security Governance and Risk Management and Secure System Architecture and Design specialisms.

The aim of the pilots is to engage with industry stakeholders to develop a clearer career route map for those looking to enter the cyber security industry, as well as professionals already working in the sector.  

Creating a clearer standard will also help employers fully understand the skills and competencies associated with each level, enabling organisations and professionals to recruit more effectively. 

UK Cyber Security Council CEO, Simon Hepburn, said: “As we look to the year ahead, we are keen to ensure we maintain momentum and continue to pilot our chartered model across the industry’s 16 recognised specialisms.

“It’s great to be working with CREST and The Cyber Scheme to deliver our latest pilot in Security Testing.

“At the Council, we remain committed to delivering a professional standard which helps provide the clarity and transparency the sector needs to attract new entrants, help existing practitioners progress in their careers and empower businesses to fulfil their own cyber security requirements.

“The launch of our new Security Testing pilot is an important step towards that goal.”

To learn more about routes into the cyber industry, please visit the UK Cyber Security Council’s website: Cyber security careers: a route map through the 16 cyber security specialisms (ukcybersecuritycouncil.org.uk)


CREST is an international not-for-profit, membership body representing the global cyber security industry. Its goal is to help create a secure digital world for all by quality assuring its members and delivering professional certifications to the cyber security industry. CREST accredits 300 member companies, operating across dozens of countries, and certifies thousands of professionals worldwide. It works with governments, regulators, academia, training partners, professional bodies and other stakeholders around the world. CREST members undergo a rigorous quality assurance process and employ competent professionals. Organisations buying their cyber security services from CREST members do so with confidence.

For further information contact [email protected]

About The Cyber Scheme

The Cyber Scheme have a Sponsorship base of CHECK certified companies, specialist penetration testing practitioners and professional organisations committed to improving standards and simplifying entry into the industry, with the aim of increasing the number of certified and experienced testers evaluating the security of both public sector and private companies. 

For further information please contact [email protected]