Riding high on the CREST of accreditation
Why adherence to standards is important for cyber security providers – and especially for buyers
It’s always nice to be recognised for one’s achievements, and for Cisco, our approved membership of the Council for Registered Ethical Security Testers (CREST) confirms our status as a reputable provider of cyber security services and products across several important areas. These include security incident response, threat intelligence, sophisticated red team and penetration testing services.
Accreditation is essential for any company delivering almost any type of service. After all, most organisations want to be want to adhere to standards, receive acknowledgement within their field, and be seen to supply a quality product.
However, formal approval is especially critical for suppliers of IT security services, not only because it’s a rapidly growing and competitive market with more and more vendors coming on board by the day, but also due to the wide-ranging implications of a security breach and the damage it can do to both profits and reputation.
But what exactly is CREST and why does it matter to organisations like Cisco?
CREST of approval
CREST is a not-for-profit organisation that is overseeing the development of standards and codes of conduct for the cyber security industry, together with accreditation and training for its workforce. Working with suppliers, CREST has guided the development of best practice principles for measuring the capability of companies, and does the same for their employees through professional development and individual certification.
CREST is also committed to addressing market’s needs by ensuring sufficient capability and works to provide assurance that cyber security products and services meet specific local needs. This is of course, good news for those looking to buy cyber security services, as it gives assurance that CREST accredited vendors are both reputable and able to deliver the solutions they need.
It’s also great news for those of us who supply these services; by providing a structured regulatory framework for buyers to procure services and by accrediting companies and offering certification to individuals, CREST is professionalising the cyber security industry and helping suppliers build their reputation.
And that’s not all – CREST also encourages industry collaboration and information sharing to encourage best practice and reduce the risk of cyber-attacks, while also giving organisations venturing into this field a clear framework to work from.
Global CREST of approval
While CREST operates at a domestic level, helping individual countries progress their cyber security capability, it also takes into account international standards. In fact, CREST has been so successful it is rapidly becoming the standard-bearer for cyber security standards across the globe.
So you can see why CREST matters to businesses like Cisco and why we are particularly proud to be part of its elite global membership list, which acknowledges that we deliver services in all four global regions – EMEA, the Americas, Asia and Australasia.
Like I said at the start, it’s nice to be recognised – and it’s great for our customers to know that when they partner with Cisco Security Advisory Services team, they are engaging with a supplier whose services have not only been thoroughly tested and accredited, but are tried and trusted across the globe.