CREST Cyber Security Incident Response (CSIR) scheme
CREST certified companies delivering effective cyber security incident response services for the majority of industry, the wider public sector and academia.
The Cyber Security Incident Response scheme (CSIR) is approved by CREST (Council of Registered Ethical Security Testers) and focuses on appropriate standards for incident response suited to industry, the wider public sector and academia.
The NCSC and CPNI have endorsed the CREST CSIR scheme as having the necessary requirements and control mechanisms to ensure CREST certified companies are able to deliver effective cyber security incident response services.
Details of requirements and application process are available on the CREST website.
Mandated cyber security professional qualifications (eg, Intrusion Analysis, Malware Reverse Engineering) for service providers certified under both the NCSC/CPNI and CREST schemes are being phased in. Until this is complete, the holding of such qualifications will be considered desirable, but not mandatory, evidence that the potential service provider meets the relevant scheme requirements.
Was this information helpful?
We need your feedback to improve this content.