CREST Focus Groups help us to continually monitor best practice in Penetration Testing, Threat Intelligence, Incident Response, Intelligence-Led Testing and SOC.
They also aid CREST in the development of its accreditation and certification requirements, ensuring that they remain fit for purpose and keep abreast of technological advancements.
Each group provides a sector specific focus for members and offer the opportunity for them to benefit from purposeful networking opportunities. Membership is open to any representative from a member company accredited to the discipline. Each Group has the following responsibilities:
- Review membership accreditation processes;
- Review related examination syllabuses;
- Provide feedback to the CREST Assessors on examination content and quality, via their Focus Group Sub-Committee;
- Provide feedback on penetration testing issues;
- Horizon-scan upcoming technological developments to provide input to examination content;
- Provide direction to CREST and support related government initiatives.
If you are interested in learning more about the activities of these Focus Groups, please email [email protected]
Representatives from the buying community can engage with our Industry Advisory Group, giving buyers a role in supporting CREST policy and practice.
Each Focus Group is run by an elected Sub-Committee of members globally with the number of seats per region based on the number of accredited companies in each region.
Penetration Testing Focus Group Sub-Committee Members
| EMEA | Asia | Australasia | Americas |
| Tom Ellson, Jumpsec | Phil Arkwright, WithSecure | Edward Farrell, Mercury ISS | Taylor Smith, Pivot Point Security |
| Vincent Goovaerts, Kroll | Faizal Ashruf, UST | Yuri Melo, EY | Tony UcedaVelez, Versprite (Vice-Chair) |
| Ben Jacob, Secureworks | Cameron Leong, Centurion | Jack Rutherford, Triskele Labs | |
| Miguel Marques, Quorum Cyber | Jinkun Ong, Vantage Point | | |
| Rob McElvanney, PA Consulting | Samuel Pua, WatchTowr | | |
| Boglarka Ronto, Commissum Associates (Chair) | Louis Truong, VSEC | | |
| Abhijeet Udas, NCC Group | | | |
| Tom Wedgbury, Nettitude Group | | | |
Incident Response Focus Group
| EMEA | Asia | Australasia | Americas |
| Stefano Maccaglia, RSA | Jason Ka Lee, PwC Hong Kong (Vice-Chair) | Chathura Abeydeera, KPMG | David Brilliant, Alvarez & Marsal |
| Benn Morris, 3B Data Security (Chair) | | | |
| Adrian Shaw, Nettitude Group | | | |
Threat Intelligence
| EMEA | Australasia |
| Oliver Church, Orpheus Cyber (Chair) | Jason Smart, PwC |
| Rob Dartnall, Security Alliance (Vice-Chair) | |
| Oliver Fairbank, Orpheus Cyber | |
| Oliver Fay, Context Information Security | |
| Andrew Flood, Nettitude Group | |
| Matthew Hull, NCC Group | |
CREST Intelligence-Led Testing Focus Group
| EMEA | Asia | Australasia |
| Dominic Chell, MDSec | Saeid Atabaki, Trustwave | Chathura Abeydeera, KPMG (Vice-Chair) |
| Matt Lorentzen, Cyberis (Chair) | | |
| Doug McLeod, Nettitude Group | | |
| Rob McElvanney, PA Consulting | | |
CREST Security Operations Centre (SOC) Focus Group
| EMEA | Asia/Australasia |
| Leigh Collett, Accenture (Chair) | Ramesh Naidu, Vigilant Asia |
| Alan Freeland, DigitalXRAID | JooKhuan Quek, CyberProof Singapore |
| Max Garaffa, Jumpsec | |
| John Lodge, Socura | |
Industry Advisory Group
The Industry Advisory Groups (IAG) are an independent forum for senior professionals who discuss current industry topics and provide advice to CREST on the role it should play in supporting the buying community. Meetings operate under the Chatham House Rule.
Each CREST Council will be establishing their own groups to focus on the buying community’s specific needs in their region. IAGs in the UK and Australia are already in place.
If you are a buyer of cyber security services and would like to get involved in any of these groups, or as a member you know of a buyer who would like to be involved, please email Elaine Luck on [email protected]
