16. Why Buyers of Security Services Need to Leverage CREST w/ Ian Glover

Who do you trust with your network?

Would you give a random person access to the infrastructure that runs your business? 

Anyone with a computer and an Internet connection can set themselves up as a penetration testing or cyber incident response service provider. 

But what methods does your organization have in place for vetting an individual or company that you are potentially allowing unfettered access to your entire network?

Ian Glover, President of CREST, is on the podcast to talk about how CREST provides internationally recognised accreditations for organisations, and professional level certifications for individuals providing penetration testing, incident response, threat intelligence and Security Operations Centre (SOC) services. 

What we talked about:

- CREST and a CISO’s decision making process

- The rigorous process of CREST accreditation and certification

- Why having a certifying body evens the playing field

Check out these resources we mentioned during the podcast:

• CREST
• Sir Ranulph Fiennes
• Bloodhound SSC 1k

This post is based on The Virtual CISO podcast hosted by John Verry and featuring special guest, Ian Glover

To hear this episode, and many more like it, you can subscribe to The Virtual CISO Podcast here.

If you don’t use Apple Podcasts, you can find all our episodes here.