In autumn 2025, Intersys enrolled in the CREST Accreditation Pathway Programme. This marks an important step for our organisation and our clients, demonstrating our commitment to achieving full CREST membership. While we have not yet obtained accreditation, participation in this programme reflects our determination to meet the rigorous standards that will position Intersys among the global leaders in cyber security.
As our Head of Security, Jake Ives, explains: “We already adhere to leading cyber and information security standards. Pursuing CREST Accreditation is about further strengthening our credentials and signalling to organisations across all sectors – including highly regulated industries such as insurance, financial services, and life sciences – that we are a robust, credible, and ethical partner.”
Here’s some more information about the accreditation.
What is CREST?
Since 2006, CREST has represented the global cyber security industry in a mission to collectively raise standards and provide ‘confidence to the buying community, government and regulators’. CREST has over 500 accredited member companies operating across dozens of countries, and each is assessed against a rigorous standard.
Why are we aiming for accreditation?
CREST is generally considered in the industry to be the most exacting accreditation worldwide. We are confident in the high standard of our cyber security operations and want our service to be tested against CREST criteria. We also want to continually improve our offer, as the CREST accreditation demands.
Also, cyber security has become a crowded market, featuring providers of varying quality and competence. CREST is our way of proving our credentials as a provider among the very best. It’s a trust signal to public bodies, governments and highly regulated industries that we demonstrate excellence and reliability.
Isn’t Intersys already properly accredited?
Yes. We hold Cyber Essentials Plus certification and provide consultancy to help other organisations achieve this standard.
In addition, we undergo annual audits for ISO 27001, the international standard for information security management systems. This certification demonstrates our commitment to safeguarding information assets such as customer data, intellectual property, and financial records, covering people, processes, and technology.
CREST will represent a further level of assurance, with standards tailored specifically for cyber security service providers. Achieving this accreditation will reinforce our position as a trusted, ethical, and industry-leading partner.
How does the process work?
CREST Accreditation is achieved on the ‘CREST Pathway’ a process that helps organisations work towards this goal.
Here’s an extract from the CREST website that summarises mandatories that must be achieved.
‘All members must complete a rigorous application process which examines their quality processes and procedures; compliance with standards compliance (e.g. ISO27001, ISO9001); professional indemnity insurance; contract management; informational security processes; complaint handing and conflict of interest policies.’
Accreditation assures that companies:
- Operate with robust governance and security controls
- Employ highly skilled and technically competent professionals
- Follow proven methodologies and best practices
- Uphold high standards of data security and client protection
Why is it good for our partners and customers?
As we’ve mentioned, CREST accreditation is a strong trust signal of quality. It’s worth reiterating how important this is in today’s market. Anyone with moderate IT knowledge can set themselves up as a cyber security provider and we have heard many stories of customers becoming victim to plausible-sounding but, frankly, woefully undertrained cyber security teams.
The CREST accreditation helps organisations that require robust and compliant cyber security to confidently pick the right provider.
Where can I find out more?
Visit https://www.crest-approved.org/ for further information.
Intersys is a cyber security provider with over 25 years of experience keeping businesses safe. Find out more about our Cyber Security as a Service, our most comprehensive protection. You can also investigate which services are appropriate for your organisation at its current stage of maturity by taking a look at our Hierarchy of Cyber Security Needs. This provides clear advice about what steps you should take next to further harden your security.