As the Council of Registered Ethical Security Testers (CREST) is playing an increasingly important role in certifying security expertise, attending the CRESTCon & IISP Congress is a must for anyone working in the industry. This year’s event, which took place in London on March 19th, kicked off with an introduction from Ian Glover, CREST’s President, and was followed by two streams of talks from industry leaders on a variety of topics, including cyber incident response. The talks provided something for everyone, offering deeper technical insight for those who live and breathe technology, to the more high-level sessions geared at those involved in strategic planning and communication within their enterprises. After all, cyber security is no longer just the concern of overstretched IT executives. Indeed, with high-profile data breaches – such as the recent eBay incident – attracting the attention of C-Level executives, cyber security has certainly climbed the boardroom agenda in recent years!