CREST

CREST

Enhancing technical information security for business

Enhancing technical information security for business
Red Overlay
CREST
CREST
Red Overlay

CREST Approved schemes

In today’s increasing risk landscape, the need for organizations to mitigate cyber risk and to implement the right levels of cybersecurity continues to rise up the business agenda. However, many organizations find it a challenge to know where to start and how to identify trusted, competent suppliers. That’s where CREST approved schemes can help.

CREST is a not-for-profit industry body whose role is to create and maintain high standards within the technical information security industry, and to drive a consistent quality level across its member organizations.  

Our CREST approved schemes

BSI is a member of CREST for a number of different schemes globally, which reinforces our expertise to deliver these important business services. It also demonstrates our commitment to work with leading industry bodies to help improve the business environment and enhance cybersecurity.

CREST Cyber Security Incident Response

BSI is an approved global provider of CREST Cyber Security Incident Response (CSIR) services. This enables us to support you to assess your readiness to respond to cyber-incidents and feel prepared to deal with incident containment, as well as evidence gathering to support forensic investigations and your overall response. Plus if you have a suspected or actual cyber security breach or incident, we can assist you to scope, analyse, contain and eradicate the incident.

Our team will help you to: 

  • Identify likely threat scenarios that would result in the need for a cybersecurity incident response and/or forensic investigation
  • Identify desired outcomes based on each threat scenario 
  • Perform GAP analysis on existing controls and monitoring systems to identify areas for improvement
  • Identify legal and regulatory requirements such as the ability to carry out investigations, any requirement to retain and protect evidence, and any requirement to report such incidents to law enforcement/other regulatory authorities
  • Identify internal capabilities and the need for engagement with specialist third parties for tasks, such as forensic analysis, host triage and log analysis.
  • Develop cyber incident and forensic investigation plans
  • Put in place measures to test plans with periodic reviews and updates
  • Respond to a suspected breach or incident 
Contact us to talk about your requirements for incident response >

CREST penetration testing

BSI is an approved global provider of CREST security penetration services providing customers with high levels of assurance that their systems are free from security configuration errors and known security vulnerabilities. Specific security penetration testing services BSI provide include:

  • Infrastructure testing
  • Application testing
  • Server build reviews
  • Mobile devices
  • Wireless networks
  • SCADA and ICS security
  • IOT testing
  • Connected and Autonomous Vehicles (CAV)
  • Source code review
  • Workstation/laptop build review
  • Virtualization testing
  • Stolen laptop review
  • Gold build image review
  • Database review
  • Environment breakout
Read more about our penetration testing services >