CREST, a leading international non-profit cybersecurity accreditation and certification organization, announced plans this week to partner with Immersive Labs to help CREST members develop their defensive and offensive cybersecurity skills.

The Immersive Labs platform will provide access to hands-on simulations of threats and mitigation techniques, with a special emphasis on incident response. The course will allow those preparing for CREST examinations to train and improve capabilities in line with the certification framework. 

CREST has traditionally been a closed-book setup with little-or-no certified training courses, said Andy Gill, senior security consultant at LARES Consulting. Gill said the recent move to training courses and partnering with training bodies such as Immersive Labs and Hack The Box shows flexibility to encourage folks into structured learning paths.

"For a while, there was a massive skills shortage in specific security areas, so the university courses and self-study courses were geared towards offensive security to try and fill those gaps,” Gill said. “Again the market moves in waves, and there’s forever a shortage in the defensive sphere with not enough focus on the entry positions. Many new candidates to the industry are all geared up for hacking or focused on pen testing, with little thought given to the real heroes of this story: the blue team.”

Mark Aiello, president of CyberSN, added that this parternship offers some good news.

“We’re pleased to see other companies providing solutions for new-to-cyber professionals,” Aiello said. “We believe this underserved group is the key to solving the shortage of cybersecurity pros needed worldwide over the next five years. Kudos to them for helping solve this important issue."