CREST Focus Groups help us to continually monitor best practice in Penetration Testing, Threat Intelligence, Incident Response, Intelligence-Led Testing and SOC.
They also aid CREST in the development of its accreditation and certification requirements, ensuring that they remain fit for purpose and keep abreast of technological advancements.
Each group provides a sector specific focus for members and offer the opportunity for them to benefit from purposeful networking opportunities. Membership is open to any representative from a member company accredited to the discipline. Each Group has the following responsibilities:
- Review membership accreditation processes;
- Review related examination syllabuses;
- Provide feedback to the CREST Assessors on examination content and quality, via their Focus Group Sub-Committee;
- Provide feedback on discipline related issues;
- Horizon-scan upcoming social, technological, economic, legal, regulatory, political and ethical factors that may impact their specialist area;
- Provide direction to CREST, its initiatives and support related government initiatives;
- Support Industry Advisory Groups.
Our Terms of Reference document provides key information and defines the terms that apply to all CREST’s Focus Groups and their Sub-Committees. Please note that due to the geographical spread and number of accredited companies, the split and number of seats varies for each Focus Group. Furthermore, where not all disciplines are represented across the regions, this would be reflected in the sub-committee composition.
Each Focus Group is run by an elected Sub-Committee of members globally with the number of seats per region based on the number of accredited companies in each region.
If you are interested in learning more about the activities of these Focus Groups, please email [email protected]
Penetration Testing Focus Group Sub-Committee Members
| EMEA | Asia | Australasia | Americas |
| Vincent Goovaerts, Kroll | Phil Arkwright, WithSecure | Chathura Abeydeera, KPMG Australia | Patrick Cleary, Emagined Security Inc |
| Miguel Marques, Quorum Cyber | Faizal Ashruf, UST | Abartan Dhakal, Stickman Cyber | Taylor Smith, Pivot Point Security |
| Tim Reed, Sentrium Security Ltd | Manish Chawda, Pragma Pte Ltd | Jack Rutherford, Triskele Labs | Tony UcedaVelez, Versprite (Vice-Chair) |
| Boglarka Ronto, Resillion (Chair) | Cameron Leong, Centurion | | |
| Abhijeet Udas, NCC Group | Samuel Pua, WatchTowr | | |
| Tom Wedgbury, Nettitude Group | Louis Truong, VSEC | | |
| William Wright, Closed Door Security | | | |
Incident Response Focus Group
| EMEA | Asia | Australasia | Americas |
| Stefano Maccaglia, RSA | Jason Ka Lee, PwC Hong Kong (Vice-Chair) | Chathura Abeydeera, KPMG | David Brilliant, Alvarez & Marsal |
| Benn Morris, 3B Data Security (Chair) | | | |
| Adrian Shaw, Nettitude Group | | | |
Threat Intelligence
| EMEA | Australasia |
| Oliver Church, Orpheus Cyber (Chair) | Jason Smart, PwC |
| Rob Dartnall, Security Alliance (Vice-Chair) | |
| Oliver Fairbank, Northern Trust (Co-opted member) | |
| Oliver Fay, Accenture | |
| Matthew Hull, NCC Group | |
| Thomas Padden, BAE Systems Digital Intelligence | |
| Grace Tryphona, Nettitude | |
CREST Intelligence-Led Testing Focus Group
| EMEA | Asia | Australasia |
| Dominic Chell, MDSec | Saeid Atabaki, Trustwave | Chathura Abeydeera, KPMG (Vice-Chair) |
| Matt Lorentzen, Cyberis (Chair) | | |
| Doug McLeod, Nettitude Group | | |
| Frederic Vleminckx, DXC Technology | | |
CREST Security Operations Centre (SOC) Focus Group
| EMEA | Asia/Australasia |
| Leigh Collett, Accenture (Chair) | Ramesh Naidu, Vigilant Asia (Vice-Chair) |
| Alan Freeland, DigitalXRAID | Aneesh Jayakumar, Cyberproof |
| John Lodge, Socura | |
| Martin Riley, Bridewell Consulting Ltd | |
Diversity and Inclusion Group
Diversity and inclusion is essential to the future of the cyber security industry, so at all times CREST will strive towards creating and contributing to a more inclusive and diverse industry. CREST is committed to contributing to a more inclusive and more diverse global cyber community and industry that provides equity of opportunity for all.
CREST has a wider goal to also support its member bodies in promoting diversity and inclusion – to ensure they are aware of the importance of creating opportunities for a diverse range of individuals to enter and fulfil their potential within the cyber security industry – no matter who they are.
CREST will soon be releasing a Charter for Diversity and Inclusion with minimum behavioural standards and working practices which members can sign-up to and display on their websites to demonstrate their commitment to diversity and inclusion best practices. Along with documentation they can use as part of their hiring process.
Below are links to some relevant CREST reports and publications:
Equity, Inclusion and Diversity in National Cyber Security Strategy
Women in cyber stories uncut
Neurodiversity in the workplace
Exploring the gender gap
Physical disability – addressing the accessibility challenges
Combatting stress and burnout
Top Tips for Diversity & Inclusion
For more information or to join our Diversity and Inclusion Group, please contact [email protected]
