Navigation MenuRealWire Limited

Delivering Relevance, Releasing Influence

Tweet Facebook LinkedIn
Press Release

CREST appoints Andy Woolhead as Global Head of Product


12 April 2022: CREST, the international not-for-profit accreditation and certification body for the cyber security industry, has appointed Andy Woolhead as Global Head of Product, responsible for CREST’s certification and candidate assessment strategy. He joins CREST from his role as Business Development Director at SANS where he worked closely with the UK Government, MOD and law enforcement. Prior to that he served for 24 years in the Royal Navy as Head of Information Warfare, responsible for the development of Naval cyber doctrine.

“It is my pleasure to welcome Andy to the CREST team,” said Rowland Johnson, President of CREST International. “He joins us at a pivotal and exciting time in our growth when we are about to surpass 300 members and this year we are investing more than ever in our exams to support our members and provide clear career paths. Andy’s breadth of knowledge of the cyber security industry and career development strategies will play a key role in CREST’s continued growth.”

The majority of Woolhead’s career in the Royal Navy was spent at sea in a variety of roles, including navigation, anti-submarine warfare and command. His final role took him into cyber where he was responsible for helping to develop the uniformed cyber profession across the MOD in terms of training, culture, infrastructure and supporting operational capability. He joined SANS after leaving the Royal Navy in 2017 to pursue a career in cyber security.

“I am very much looking forward to working with CREST members, the international councils and the whole CREST community to further develop the certification strategy,” said Woolhead. “It is essential that CREST delivers examinations that measure up-to-date skills, knowledge and competence and that provide candidates with a clear career path. We also need to do this globally, while ensuring the highest of standards are maintained.”

CREST is a not-for-profit accreditation and certification body representing the technical information security industry. CREST provides internationally recognised accreditations for organisations providing technical security services and professional level certifications for individuals providing vulnerability assessment, penetration testing, cyber incident response, threat intelligence and security operations centre (SOC) services. CREST Member companies undergo regular and stringent assessment, whilst CREST certified individuals undertake rigorous examinations to demonstrate the highest levels of knowledge, skill and competence. To ensure currency of knowledge in fast changing technical security environments the certification process is repeated every three years.

Each Region has a Council of elected member company representatives who oversee the strategy and activities within the region. The Chairs of each of these Councils represent their region on the CREST International Council. CREST supports its members and the wider information security industry by creating collaborative research material. This provides a strong voice for the industry, opportunities to share knowledge and delivers good practice guidance to the wider community

For more information on CREST:

For media enquires contact: Allie Andrews,