CREST Threat Intelligence Focus Group

Oliver is CEO of Orpheus, a specialist Cyber Threat Intelligence company. He is responsible for Cyber Threat Intelligence on the UK Council and is a passionate believer in the importance of intelligence-led security. Oliver has previously established successful cyber security teams and capabilities at major global organisations and has a wide range of risk management and security experience, developed working for a diverse range of large and small organisations over the last 17 years.

An expert in cyber risk management and cyber resilience testing, Oliver has been involved in developing intelligence-led cyber resilience frameworks, working with regulators to do so, and has extensive experience leading cyber threat intelligence teams to conduct the testing itself. Oliver’s cyber security expertise is built on a foundation as a qualified lawyer, which enables him to add the legal perspective to the management of cyber risks. Oliver is a CREST Certified Cyber Threat Intelligence Manager (CCTIM), an Assessor of the TI examinations and a Solicitor of the Supreme Court of England and Wales.

Rob is the CEO and Director of Intelligence for Security Alliance Ltd, a Cyber Threat Intelligence company. From a military intelligence background, Rob transitioned his intelligence tradecraft into the cyber domain where he is an advocate of ‘Intelligence Preparation of the Cyber Environment’.

Rob’s primary work has been designing intelligence-led resiliency programs, developing intelligence capability, creating intelligence sharing frameworks and initiatives and providing intelligence led consulting engagements. Rob holds the CREST Certified Threat Intelligence Manager qualification, is a CREST TI Assessor and sits of the CTIPs Sub- Committee.

I strongly believe that a deeply technically-focused perspective on the subcommittee is required to ensure that CTIPS maximizes value for all stakeholders and partners. Having spent a number of years working in pure technical analyst positions I understand many of the challenges network defenders face in making effective use of threat intelligence, and how their requirements and use-cases differ from that of the senior policy-makers.

I have placed significant emphasis on ensuring that Context produce actionable, timely and informative technical intelligence, with accompanying mitigations that can be practically implemented by defensive teams. This includes a forensically detailed focus on understanding the adaptability of sophisticated adversary behavior to victim environments, something that I feel has often been a challenge for threat intelligence as an industry to articulate.

Matt Hull is a highly accomplished cybersecurity professional with over 15 years of experience in the field. He holds an MSc in Cyber Security, a BSc in Policing, Criminal Law & Investigations, and an FSc in Criminal Investigations, all from the University of Chester. Matt also holds industry certifications, including the CREST Certified Threat Intelligence Manager (CCTIM) and the CREST Practitioner Security Analyst (CPSA).

Matt currently serves as the Global Head of Threat Intelligence at NCC Group, a leading global cybersecurity firm that provides organizations with expert consulting, managed security services, and software solutions to protect against cyber threats. In this role, he leads a team of experts in identifying and mitigating cyber threats worldwide, and he is responsible for driving the company’s threat intelligence strategy and operations on a global scale.

I have worked in intelligence analysis roles for almost ten years. I currently work in the BAE Systems threat intelligence team, leading the technology-focused threat intelligence service line. My current role sees me writing and reviewing intelligence reports on nation-state threat actor activity and high-level threat and security issues associated with various areas of technology. I also regularly provide intelligence briefings to customers and the wider industry, including a recent presentation at CRESTCon Europe 2023. Before joining BAE in 2018 I worked in Strategic intelligence analysis roles at the Ministry of Defence.

I have a high quality standard of working and enjoy problem solving, improving the efficiency of protocols and procedures.

I believe in diversity and the benefits this can bring in a team, including but not limited to innovative ideas due to different perspectives, better decision making, overall performance and experience. It is possible that I come from a different background to others likely in the sub-committee, as I have four years on the offensive side, e.g. pentesting / security consultancy experience prior to joining the threat intelligence industry. I have also worked for clients within various industries and sectors that I feel would add value to me being part of the intelligence focus group and aim to put this to good use helping CREST develop the industry and promote threat intelligence so it’s more widely adopted.

I am enthusiastic about reporting and documentation using my attention to detail to produce a consistent high standard of work. I am keen to share my knowledge and experience to help train others and have a strong willingness to learn and want to constantly improve myself. I am also passionate about security, mentoring and diversity.

I recently underwent CREST CCTIM exam and have experienced the customer side of certification using the Threat Intelligence related company materials.