Welcome to the CRESTCon & IISP Congress Conference and Exhibition

Now in its sixth year, CRESTCon and IISP Congress is a unique event that brings together leading technical and business information security professionals and is a key date in the industry calendar, attracting an impressive line-up of speakers and senior delegates.  This year we also welcome the BCS Security Conference in the third stream.

2017’s event welcomed over 450 delegates, had three conference streams, a bookshop/meeting area, as well as expanded exhibition and demo areas and for 2018 we are building further on the success of these features. We will also be extending the length of the day to incorporate further networking and entertainment in response to the feedback received from delegates and sponsors.

Delegates at the event include senior security, risk and compliance managers from a wide range of public and private sector organisations, along with security consultants and business directors working in the technical information assurance and response industry.

For filmed interviews and presentations from previous events go to  CREST YouTube


Latest Tweets from CREST
Latest Tweets from IISP


CREST is a not-for-profit accreditation body that represents the technical information security industry. As part of this, CREST provides internationally recognised certifications for organisations and individuals providing penetration testing, cyber incident response and security architecture services. Member companies undergo a rigorous assessment and certification process that looks at methodologies, legal and regulatory standards, staff vetting and data handling. CREST qualified individuals have passed challenging professional level examinations that demonstrate their knowledge, skill and competence. Company assessments and individual qualifications are underpinned by a strict and enforceable code of conduct.

All CREST examinations and processes have been reviewed and approved by CESG, the Information Security arm of GCHQ, the UK Government Communications Headquarters. CREST has member companies in a number of countries and a formally established Chapter in Australia.

About The IISP

The IISP is a not–for-profit body with the principle objective to advance the professionalism of the Information Security Industry. Formed in 2005, the IISP has a growing membership, drawn from a wide range of disciplines and sectors. The Institute aims to be the authoritative body for information security professionals and to act as an accreditation authority for the industry. Its activities are shaped by the membership and governed by an elected Board of industry leaders who provide their time on a voluntary basis.

The IISP Skills Framework is the only industry accepted framework for measuring the practical hands-on knowledge and experience of information security professionals. The framework is used by the Institute to accredit the competency of information security professionals at Associate and Full membership levels and to accredit training courses. Within the UK, the IISP Skills Framework has also been adopted by Government to assess individuals through the CESG Certified Professional Scheme and by e-skills, to build a National Occupational Standard.