CREST Mission

TO SUPPORT THE TECHNICAL ASSURANCE INDUSTRY MATURE AND PROFESSIONALISE


CREST’s mission is to build high quality capability, capacity and consistency within the global technical cyber security sector. 

In collaboration with industry and governments, CREST has built a meaningful framework for measuring the capability of cyber security companies and their workforce.  This approach, supports governments, regulators and buyers in identifying capable suppliers that can deliver high quality technical security services. 

CREST is focused on professionalizing the technical cyber security market whilst driving quality and standards of the organizations that operate within it. This helps to mature countries domestic cyber security capability whilst allowing for international opportunities and consistency.  It also provides greater levels of assurance that the depth and breadth of skills in a country are aligned to the needs of the buying community.

Capability

CREST is focused on developing the capability of technical cyber security organizations.  Through building a framework of accreditation and certification programs, CREST provides a meaningful structure for organizations to measure themselves against.  CREST has defined career pathways, which supports individuals develop and demonstrate their skills and capabilities back to the organizations that depend on their capability.

Capacity

Many organizations recognize the challenge in identifying skilled and experienced cyber security professionals within the market.  CREST recognizes these issues and consequently is working with academic institutions in building their undergraduate and postgraduate programs to better align with the needs of industry.  Although CREST does not provide training itself, it works with training partners to actively encourage new individuals in to this highly dynamic and challenging industry.

Consistency

With increasing workforce mobility and relatively free flowing trade agreements so the opportunity for organizations to deliver services on a global basis grows.  Governments, Regulators and Buyers need to identify common frameworks that span across country and regions.  These frameworks need to be meaningful, and they need to cover requirements for the organizations that deliver the services as well as their staff that deliver professional and managed services.  CREST is the only framework that combines both the accreditation of companies and the certification of individuals.  Through our code of conduct, we are able to ensure that CREST approved organizations deliver a consistent service to the market, and that their employees have been certified as being technically competent with sufficient legal and regulatory knowledge to deliver services in their region of practice.

Openness

CREST has a history of working with likeminded cyber security organizations and bodies to support the maturity of this rapidly growing industry.  We formally recognize other technical cyber security certification, and grant equivalency to some of our certification programs.  Similarly, we have worked with overseas governments to build CREST frameworks that are aligned to some of the local domestic needs of their markets.  So long as the integrity of our vision is maintained, and we are able to build capability, capacity and consistency within the market, CREST practices an open and transparent approach that is designed to support the growth and development of this sector