UK Cert Body Crest Signs NSA MoU

UK security certification body Crest is set to take over the NSA’s own accreditation program, in a major validation for the scheme and Britain’s expertise in the sector.

Crest signed a Memorandum of Understanding (MoU) with the spy agency this week to take over the operation of its Cyber Incident Response Assistance (CIRA) program.

It’s also launched a US Chapter based in New York, and announced Gotham Digital Science (GDS), MWR InfoSecurity, Nettitude, Stroz Friedberg and Trustwave as its first members.

Crest will apparently be tasked with taking over from the Information Assurance Directorate (IAD) of the NSA and growing the CIRA program while maintaining its integrity.

Rowland Johnson, director of Crest International, claimed that the body has benefited from being “operated by its members for its members.”

“As a consequence it has been able to harness its members’ guidance and thought leadership to support the maturity of technical assurance industry,” he told Infosecurity.

“Crest provides a vehicle for organizations that on day to day basis may compete with one another, to come together to shape the maturity and professionalization of the industry. This is done through workshops, seminars and shared research projects that are designed to enhance the capabilities of the sector in line with the evolving cyber threat.”

The size of the US market will require a dedicated approach, according to Johnson.

“Crest has built an accreditation and certification framework that will allow the Crest USA chapter to be run and operated by a US board of executives,” he added. “As a consequence, they will have the ability to shape the direction of the CREST USA focus, whilst adhering to a shared vision of consistency across global markets.”

The body is apparently supported by the Foreign Office in helping to promote the UK’s cybersecurity expertise abroad.

What’s Hot on Infosecurity Magazine?