Oz ethical hackers to be set professional standards
- 09 March, 2012 12:03
Penetration testing, also known as "pentesting" or "ethical hacking", took a step away from its sometimes unruly reputation today with the establishment of an Australian branch of the Council of Registered Ethical Security Testers (CREST).
"CREST Australia will have the important role of establishing clear and agreed standards for cyber security testing," said attorney-general Nicola Roxon in a media statement.
"These standards will help the business sector be confident that the work conducted by IT professionals is completed with integrity, accountability and to agreed standards."
CREST Australia is affiliated with CREST Great Britain.
Individual members of that organisation must pass exams to validate their competence.
Currently CREST rates individuals as a CREST Registered Tester, or as one or both of two CREST Certified Tester qualifications, one for network testing and one for application testing.
Member companies must meet CREST's standards of management, integrity and accountability.
"By having this function performed by an Australian arm of a recognised body such as CREST, qualifications can be recognised internationally, promoting a recognised international standard," Roxon said.
While CREST Australia is an independent not-for-profit organisation it will "work closely with Government" — a fact reinforced by the media statement being tagged with an explanation of CERT Australia, Australia's official national computer emergency response team (CERT).
Alastair MacGibbon has been appointed as CREST Australia's first chief executive officer.
MacGibbon is well-known in the information security community. He was founding director of the Australian Federal Police's Australian High Tech Crime Centre, and director of trust and safety for eBay Australia & New Zealand.
He is currently director of the Centre of Internet Safety at the University of Canberra, as well as a consultant in the private sector through the Surete Group.
CREST is not the only certification body for penetration testers. Certifications are also offered by the Tiger Scheme, the SANS Institute and Offensive Security, amongst others.
Register Today. Hear from Rob Livingstone, Michael Barnes, Steve Quane and Dave Asprey amongst others on the Evolution, Trends, Solutions and the Future of Cloud Security, limited seats register today through CSO.
Join the Computerworld Australia group on Linkedin. The group is open to IT Directors, IT Managers, Infrastructure Managers, Network Managers, Security Managers, Communications Managers.
- A/NZ College of Anaesthetists to expand campus security monitoring
- Credit Union Australia signs Good Technology to secure 400 devices
- Taxi startup ingogo hails $3.4 million in latest funding round
- Updated: Federal Court dismisses Aust Post trade mark appeal
- Ruyton Girls’ School to swap paper books for tablets
Amazon drones are 'fantasy,' says eBay CEO
Training critical to Australia tapping broadband potential: CSIRO
US faces major Internet image problem, former gov't official says
Why CIOs stick with cloud computing despite NSA snooping scandal
Telstra hits 300 Mbps in LTE-A trial