Ian Glover

Ian Glover

Company: CREST

Job Title: President


Ian has worked in the IT industry for the last 40 years and has been working in information security for the last 36 years - and has enjoyed nearly every minute of it. As President of CREST he has taken it to a position of influence in the technical security industry and has been instrumental in many major industry initiatives. These include the award winning Cyber Essentials scheme, which assesses basic levels of cyber hygiene; and the CREST, Bank of England and Government project to develop the STAR and CBEST Schemes that are designed to provide higher levels of assurance for critical parts of the UK financial services and other parts of the critical national infrastructure. He also helped to develop and implement the UK Government CIR (Cyber Incident Response) and CREST Cyber Security Incident Response (CSIR) schemes.

Internationally he is working with governments and regulators to establish or develop CREST chapters in Singapore, Hong Kong, Malaysia, Australia and the USA. He is also supporting member companies in many other regions. Prior to representing CREST, Ian was one of the founders of Insight Consulting, a leading specialist information security consultancy. The business was purchased by Siemens. He then sat on the Board of Siemens Communications. Prior to establishing Insight Consulting has worked for the MoD, Treasury (CCTA) and Ernst and Young.

Ian Glover Seminars

  • Please hack my car – Is bug bounty an appropriate way of testing autonomous vehicles? Wed 26th Sep 01:00 - 01:30

    Please hack my car – Is bug bounty an appropriate way of testing autonomous vehicles?

    Crowdsourcing the identification of vulnerabilities is attractive and has led to the development of bug bounty programmes. These programmes provide recognition to researchers for reporting vulnerabilities. Bug bounty programmes are being launched at a remarkable pace with evidence of both good and bad practice. Currently there is no definition of good practice and no guidelines for those procuring bug bounty programmes nor support or guidance for the researchers. There is also no clear view on the appropriateness of using such programmes to test safety critical systems such as those used on autonomous vehicles.
    Would you be comfortable travelling in an autonomous vehicle where suppliers are actively allowing the vehicle to be hacked; or do you feel more confident travelling in a vehicle that has been openly tested by the crowd?


    Ian Glover

    Ian Glover

    Time / Place

    Wed 26th Sep 01:00 to 01:30

    The Keynote