Management Team


Mark Turner - Head and ShouldersChairman of CREST Executive
Mark Turner,  Director Technical Security Consulting, NCC Group (Communications and Research)
Mark is responsible for the Operations, Management and Development for a team o f 80 people within NCC Group.  Mark is passionate about developing the UK IT Security industry and making it the most professional and highest regarded in the world.  As such, he founded BSides Manchester – a free event to the participants – and is keen to continue his contribution to the security community with CREST.He is also active in the development of the next generation of security professionals and is currently working in an advisory capacity with a University on the design and content of a new Information Security degree.Mark’s role on the Executive is Communications, but additionally shares the Marketing portfolio with Ken Munro.  He also has overarching responsibility for CREST Research.
Contact:  [email protected]

Stuart Criddle, Principal Consultant, NCC Group (Assessors’ Representative)
Stuart is one of the two Assessors’ representatives on the CREST Executive and leads on the technical delivery aspects of CREST examinations.Stuart is a Principal CLAS Consultant at NCC Group responsible for leading CLAS consultancy projects such as RMADS production and also has a key role in leading many PCI QSA assignments.  He works as part of the main consultancy and testing team on both infrastructure and application assignments and has a long history of working with central government and police clients.
Contact:  [email protected]
Rowland Johnson
Rowland Johnson, Managing Director, Nettitude Ltd (Internationalisation and HR)
Rowland is CEO of Nettitude group, an intelligence led cyber security consultancy that operates across EMEA and North America.

He has strong leadership skills and a comprehensive understanding of cyber security and risk management.   Rowland has experience in growing and scaling a business and has experience in running an international organisation.   Rowland has responsibility for CREST Internationalisation and is actively engaged with key international stakeholders across all of CREST’s operating regions.Rowland also sits on the board of CREST International and in this role co-ordinates many strategic and operational initiatives  across CREST chapters.
Contact:  [email protected]
GeoffJones copy
Geoff Jones, Director, Cyberis Ltd (Assessors’ Representative)

Geoff is an accomplished IT security professional with a track record for innovation, having conceived and delivered new security products and service lines for established information security consultancies.As well as a CREST Assessor delivering the full range of CREST examinations, Geoff is a CHECK Team Leader whose experience encompasses in-depth infrastructure and application penetration testing.  He is also a recognised expert in the field of network forensic analysis and was also a member of CESG’s review panel for technical architectural solutions whilst working for GCHQ, offering technical project advice and assurance to multiple government and private organisations.Geoff is committed to sharing research and development across the security industry through various conferences, information exchanges and published tools.
Contact:  [email protected]

Ken Munro, Senior Partner, Pen Test Partners LLP (Marketing)ken-munro
Ken has over 15 years in the industry, in both Sales and Technology, and has experience of running security companies of all sizes.He specialises in engagement with the press and journalists in the promotion of the Information Security industry and security best practice in general.Ken’s role on the Executive is that of  Marketing, but additionally shares the Communications portfolio with Mark Turner.
Contact:  [email protected] 

Lawrence Munro, EMEA Regional Director, SpiderLabs at Trustwave  (Academia & Training)
SpiderLabs at Trustwave is one of the world’s largest security assessment services units.Lawrence has close ties to the US, Singapore and Australia and speaks regularly with regulating bodies and financial institutions globally.  He has a strong academic background and works closely with a number of UK Universities;  he has also run graduate programmes within penetration testing consultancies for the last five years.He is also a Director for B-Sides London.
[email protected]


HeadShot_BlankAlex Church, Chief Technical Officer, Context Information Security
Alex helped to found Context Information Security in 1998.  He was a CHECK Team Leader for a number of years before taking on responsibility for all technical and operational aspects of Context’s business, including technical strategy, service definition, operational efficiency, recruitment and delivery.  He developed Context’s incident response services and their research division which specialises in reverse engineering and vulnerability research.  He remains close to the technical side of the industry and is able to provide strategic guidance on technical developments and the future requirements within the UK Cyber arena, both from a government and private sector perspective.Alex has been involved with CREST since its inception, chaired the first Technical Committee and led the team that developed the original CREST examinations;  he has also helped to develop the existing assessments and create new ones.
Contact:  [email protected]

martin-walshamMartin Walsham, Director, Info-Assure Ltd
Martin is responsible for the security testing, security assurance and cyber security incident response services within Info-Assure.  He is a CLAS Consultant and has provided security assurance guidance across a wide cross-section of Government including Education, Transport, Justice, Policing, Health, Defence and local Government.Martin’s background is within standards compliance and development and he has a keen interest in professionalising the cyber security services and in the recognition of CREST within the UK and overseas.
Contact:  [email protected]


HeadShot_BlankPaul Midian, Chief Information Security Officer, Dixons Carphone PLC
Paul is an accomplished information and cyber security practitioner with over 20 years ‘experience; he is Chief Information Security Officer at Dixons Carphone plc.Previously, Paul was a director in the Cyber Security practice at PwC leading large scale information and cyber security improvement and transformation programmes.  Prior to his role at PwC, Paul was a director at Information Risk Management Plc . During his tenure revenue increased by over 75% and the company won the Secure Computing ‘Information Security Consultancy of the Year 2013′ award.  Prior to working at IRM he was Head of Security Testing at Siemens Enterprise Communications (formerly Insight Consulting).Paul is a member of the BCS and of ISACA. He has been involved in the CREST organisation since its inception.
Contact:  [email protected] 


HeadShot_BlankIan Glover, President
Ian has over 30 years’ experience working in the information technology industry.  He was one of the founding partners of Insight Consulting, a company that was recognised as being the leading independent provider of specialist information assurance services in the UK.  When the business was sold to Siemens Ian sat on the Board of Siemens Communications.Ian also established the CLAS Forum with CLAS as a partnership linking the Information Assurance knowledge of the UK Government with the expertise and resources of the private sector.  The Forum, which promotes the interests of the CLAS community, provides a pool of more than 800 high quality consultants approved by CESG to provide Information Assurance advice to UK Government departments. The Forum was established. He was the Chairman of the Forum until April 2012.Ian is additionally part of the UK project team building the next land speed record car, Bloodhound SSC.
Contact:  [email protected]
Elaine Luck, Operations Manager
Elaine has worked at Board level in industry for over 30 years, predominantly for the leading trade association in the defence and public security sectors but latterly in the facilities environment.  Her roles have included company secretary, business and operations management, membership management, event organisation and personnel management.
Within CREST she is responsible to the Executive for all aspects of day to day operations.
Contact:  [email protected]