In episode 9 of the Pubcast we interview Yvette Du Toit, who discusses her work establishing the South African chapter of CREST, the Council of Registered Ethical Security Testers.Large organizations tend to formally review their security through the use of third party penetration tests. In doing so we trust an outsider – through the use of contracts, SLAs and NDAs - to attack our infrastructure but not impact stability, reveal our vulnerabilities or leak our data. We give these organizations the mandate to peer into our most confidential systems, often with marginal consideration of the risks that they themselves pose.
The Council of Registered Ethical Security Testers (CREST) is an organization established to offer a demonstrable level of assurance as to the competency of organizations and individuals within those approved companies. It offers the promise of greater assurance for companies utilizing their services.
Yvette Du Toit, is a Manager in Risk Advisory Services, Ernst @ Young. She’s taken it upon herself to establish the South African chapter of CREST, the Council of Registered Ethical Security Testers. In this episode she discusses the objectives of CREST, and where the process is in South Africa.
Pubcast Episode 9 (Full)
Download the Full Audio File
Pubcast Episode 9 (Part 1)
Pubcast Episode 9 (Part 2)
Pubcast Episode 9 (Part 3)
Pubcast Episode 9 (Part 4)