Defining a New Vision for CRESTPresident of CREST Shares Plans to Rejuvenate the Testing Accreditation Group
Last year, Rowland Johnson took on the role of president of CREST, the international not-for-profit membership body representing the global cybersecurity industry. Over the past 12 months, he says, he's taken a moment to "pause and reflect" and "define a new vision and mission" for CREST.
"I think many people sort of perceived us as the organization that did pen-testing exams, and we've had a huge amount of success in that space. But as years have gone by, pen testing evolved into incident and response into threat intelligence into SOC into red teaming," he says.
"The recalibrated CREST is one that continues to focus on certifications, it continues to focus on accreditation, but really with the intention of driving maximum amounts of member benefit so that they can engage with buyers more effectively," he adds.
In this video interview with Information Security Media Group, Johnson discusses:
- How CREST is renewing its brand and mission;
- Updates from CREST, such as the launch of its Defensible Penetration Test, a specification that provides recommendations on how penetration tests should be scoped;
- The key benefits for organizations that engage a third-party pen-testing service to uncover vulnerabilities that can be exploited by attackers.
Johnson is focused on driving initiatives to deliver increased engagement across the 250+ CREST members and all CREST-qualified individuals globally. He is responsible for working internationally with governments, regulators and other key industry stakeholders to build stronger technical cybersecurity ecosystems. A former member of the CREST Great Britain Executive Board, serving between 2014 and 2020, he has been a dedicated supporter of the organization and was instrumental in CREST's international growth, playing an integral role in the creation of CREST chapters in Singapore, the United States and Hong Kong.