Regions icon
Membership icon
Certification icon

About us

We have been active in the European Union for many years and support companies and individuals across Europe, the Middle East and Africa. We are committed to the EU, wider European, Middle Eastern and African markets and work closely with members here creating a truly global cyber security organisation.

The EU is our first chapter in the EMEA region and it is managed by a council of elected member company representatives, The Chair of CREST EU,  Rodrigo Marcos Alvarez, sits on our International Council.

We actively encourage the formation of new chapters and councils. When there is sufficient member interest in the Middle East and in Africa then we will open chapters representing those regions.

In parallel with our other Regional Councils, the EU Council’s objectives are to build capability, capacity, consistency and community in the global cyber security industry and to support internationally recognised schemes by working with governments, regulators, buyers and suppliers in the region.

These goals help to enhance cyber resilience, open up markets for our member companies operating in the region and to create opportunities for CREST qualified individuals.

We offer a full range of disciplines in the market:

  • Penetration Testing
  • Incident Response
  • Threat Intelligence
  • Security Operations Centres

 

Meet the EU Council

Our EU Council Members were elected in December 2021.  They will serve for three years at which point, to ensure continuity, half will retire by rotation by mutual agreement and be eligible for re-election for a further three-year term if they so wish.  The other half will retire by rotation the following year.

The serving EU Council Members are listed below in alphabetical order. Hold your cursor over each for more information.

Simon Cecchini

Nettitude

[Portfolio: Penetration Testing]

Simon has 13+ years of experience in Cyber Security.  He taught Penetration Testing classes at both BSc and MSc levels. He owns the following certifications: CISSP, CCSP, PMP, SEPP.  Simon completed his BSc in Computer Science in 2019 and his MSc in Computer Security and Systems Forensics in 2011.

His publications include several ethically disclosed zero-day vulnerabilities, CVEs as well as book chapters and scientific papers.  Simon’s passions include martial arts, motors and humans’ behavioural threats studies.

Jon Christiansen

Mandiant

[Portfolio: Intelligence Led Testing]

Based in Copenhagen, Denmark, Jay leads the EU/UKI Red Team for Mandiant. His specialist background is in red team engagements, simulated targeted attack scenarios and purple team exercises and he created the technical ransomware assessment and threat-intelligence led methodologies and offerings within Mandiant.

His research is currently focuses on adversarial simulation of FIN/APT groups, ransomware behaviour and strategy, and on building custom payload and C2 tools to match the capabilities of these advanced threat actors. He still leads the large-scale red team engagements for client across all industry verticals and Critical National Infrastructure (CNI) throughout Europe, the Middle East and the US.

Rodrigo Marcos Alvarez

Chair

[Portfolio: Regulator Engagement]

Rod is the CEO of SECFORCE Ltd, a penetration testing and red teaming consultancy. Rod also contributes to the security community by leading an OWASP chapter, mainly driven by the goal of increasing security awareness and providing an opportunity for individuals to acquire technical offensive security skills.

With 20 years of experience in offensive security, Rod has a strong technical background. Even though he still enjoys getting involved in the technical aspect of security and getting his hands dirty in “low level” stuff, Rod’s professional goals are around creating a rewarding and inspiring work environment, helping solve customer challenges and make this world a safer place – one IP address at a time.

Bruno Morisson

Integrity SA

[Portfolio: Research]

Bruno is a Partner and Director of Penetration Testing Services at INTEGRITY S.A., a cyber security consulting company part of the Devoteam group. With more than 21 years in the information security industry, he’s been responsible for managing and delivering penetration testing projects to clients in multiple industries, from retail, to energy, healthcare, finance, and government, to name a few. He’s been actively involved in the security community having founded the Portuguese association for the promotion of information security (AP2SI) and the BSidesLisbon security conference.

Bruno holds an MSc. in Information Security from Royal Holloway, University of London, and several International certifications such as OSCP, GPEN, CISSP-ISSMP, CISA, ISO 27001 Lead Auditor and ITIL.

George Patsis

Obrela Security Industries

[Portfolio: SOC]

George Patsis is a highly accomplished expert in information security with a proven track record in developing and implementing large-scale security programs for major Global 500 Corporations. As an entrepreneur he holds a passion for identifying market opportunities and building brands. He pioneers and leads the design and development of innovative services and products in the area of strategic security intelligence and risk management.

He studied electrical and electronic engineering at the University College of London and holds a MSc in Information Security Management from the Royal Holloway University of London.

Anil Pazvant

DXC Technology

[Portfolio: Research]

Anil has more than 18 years of professional experience working in all aspects of offensive security assessments at a senior, global and strategic level. He has been conducted many offensive assessments for finance organisations, governments and automotive industry.

He has been working at DXC Technology since 2017 as a Practice Lead in the Threat and Vulnerability Management team, and is primarily responsible for the development, execution and delivery of red team operations.

Wiebe Ruttenberg

Security Alliance

[Portfolio: Threat Intelligence]

With more than 25 years in public service, Wiebe joined SecAlliance as Director of Strategy, August 2021. Prior to this he worked in senior policy roles at the European Central Bank (ECB), first as Head of the Market Integration Division (2006- 2015) and finally as programme director focusing on technological innovation and cyber resilience across the financial sector (2016-2021).

In his latter position, he chaired the ESCB Task Force on Cyber Resilience Strategy for Financial Market Infrastructures, managed the Secretariat of the Euro Cyber Resilience Board and was member of the European Systemic Cyber Group of the European Systemic Risk Board. The European cyber testing program TIBER-EU and the European Cyber Information and Intelligence Sharing Initiative (CIISI-EU) were developed and rolled-out are under his responsibility. Before joining the ECB in 2006, he worked in senior roles at De Nederlandsche Bank and the Dutch Ministry of Finance.

Olle Segerdahl

F-Secure

Portfolio: Incident Response]

Olle is a veteran within the IT security industry, having devoted himself to both “breaking” and “building” security solutions for over 20 years. Since his appointment as Principal Security Consultant at F-Secure in 2016, he has established a new security consulting practice in Stockholm, Sweden, that has grown into a team of 12 expert consultants serving some of the biggest and most targeted organizations in Sweden.

At F-Secure, Olle is also actively engaged in improving consulting practices and methodologies to provide better assurance for clients in new and more efficient ways. Olle is a regular speaker at information security conferences and is also a co-founder of one of them, the popular SEC-T hacker conference in Stockholm.

Antonio Spadaro

Deloitte (Netherlands)

[Portfolio: Academia]

Antonio is a security advisor with more than 10 years of professional experience in the information security field. He has been managing and executing many technical security assessments and ethical hacking projects, including penetration tests and threat intel-led red team tests, thus enabling organizations – across multiple industries and geographies – improving their cyber resilience against modern and sophisticated threat actors.

Antonio is a business-minded person with a strong technical background and is an advocate for information security and red teaming in all its forms, from social engineering to digital and physical security. He has extensive experience as training facilitator and enjoys instilling his passion about offensive security to all those who want to learn and develop in this field.

Alexis Vanden Eijnde

Prism Infosec

[Portfolio: Training]

Alexis is a senior consultant with more than 10 years’ professional experience within the security industry. He has worked with several security consultancies including MDSec and A&O Corsaire.

Alexis has a background in software development and has used this to develop tools and training material specifically focused on security, this has included building custom extensions for widely popular testing tools such as PortSwigger’s Burp Suite. Alexis has also delivered web application testing training at the major security and hacking conference ‘Black Hat’ for two years. He has performed technical security assessments for government, financial, software and other commercial and non-commercial sector customers including FTSE 100 companies.