Welcome to the CRESTCon & IISP Congress Conference and Exhibition

CRESTCon & IISP Congress is a unique event that brings together leading technical and business information security professionals. Now in its fifth year, the event has become a key date in the industry calendar, attracting an impressive line-up of speakers and over 400 senior delegates.

2017’s CRESTCon & IISP Congress was a great success with over 500 delegates. Slides, filmed presentations and interviews from 2017’s event will be made available here as soon as each one is available: 2017 presentation downloads

In 2016 we included a third stream and a bookshop/meeting area, as well as expanding the exhibition and demo areas.  For 2017 we are building further on the success of these new features in response to the very positive feedback we received from delegates and sponsors.  This year we will be extending the length of the day to incorporate further networking and entertainment. Delegates will include senior security, risk and compliance managers from a wide range of public and private sector organisations, along with security consultants and business directors working in the technical information assurance and response industry.

For filmed interviews and presentations from previous events go to  CREST YouTube


Latest Tweets from CREST
Latest Tweets from IISP


CREST is a not-for-profit accreditation body that represents the technical information security industry. As part of this, CREST provides internationally recognised certifications for organisations and individuals providing penetration testing, cyber incident response and security architecture services. Member companies undergo a rigorous assessment and certification process that looks at methodologies, legal and regulatory standards, staff vetting and data handling. CREST qualified individuals have passed challenging professional level examinations that demonstrate their knowledge, skill and competence. Company assessments and individual qualifications are underpinned by a strict and enforceable code of conduct.

All CREST examinations and processes have been reviewed and approved by CESG, the Information Security arm of GCHQ, the UK Government Communications Headquarters. CREST has member companies in a number of countries and a formally established Chapter in Australia.

About The IISP

The IISP is a not–for-profit body with the principle objective to advance the professionalism of the Information Security Industry. Formed in 2005, the IISP has a growing membership, drawn from a wide range of disciplines and sectors. The Institute aims to be the authoritative body for information security professionals and to act as an accreditation authority for the industry. Its activities are shaped by the membership and governed by an elected Board of industry leaders who provide their time on a voluntary basis.

The IISP Skills Framework is the only industry accepted framework for measuring the practical hands-on knowledge and experience of information security professionals. The framework is used by the Institute to accredit the competency of information security professionals at Associate and Full membership levels and to accredit training courses. Within the UK, the IISP Skills Framework has also been adopted by Government to assess individuals through the CESG Certified Professional Scheme and by e-skills, to build a National Occupational Standard.