22 March 2023 – London, UK – CovertSwarm, a leading global ethical hacking and cyber security service provider that close the Cyber Risk Gap resulting from traditional offensive security approaches, has announced today that the business is now ISO 27001 and ISO 9001 accredited.
ISO/IEC 27001 is recognised as the world’s best-known standard for information security management systems (ISMS), while ISO 9001 demonstrates CovertSwarm’s commitment to best practices with its quality management system (QMS).
These accreditations come just months after the company also became accredited by The Council for Registered Ethical Security Testers (CREST), a certification that represents and supports the technical information security market and calls for more regulated penetration vulnerability testing.
In order to achieve ISO accreditations, businesses are required to go through an extensive audit of policies, processes, and procedures relating to the delivery of their offensive security service.
And securing both ISO 27001 and ISO 9001 has been an important objective for CovertSwarm since its inception, with the company’s focus now on ensuring that those best practices are embedded into its culture.
Speaking about the news, Luke Potter, Chief Operating Officer at CovertSwarm, said: “One thing that I’m deeply passionate about is that these compliance accreditations are, wrongly, seen as a tick box and not something that truly gets embedded into business culture. That’s not the case here. Both of these systems are embedded into our culture.
“We live and breathe these systems continuously and we will be improving them all the time based on the feedback we receive. We strive to be continuously compliant – to the point that if these management systems were to be audited tomorrow, next week, or six months down the line, they’d still meet that gold standard we were originally judged.”
For the service they provide, CovertSwarm believes that anything less than gold-standard accreditation is not good enough.
Luke added: “There is a good synergy between the way we think about quality management, the way we think about information security management, and the way we are as a basis in terms of the challenge we have to the traditional offensive security approaches.
“From a business driver perspective, we want to continuously improve, we want to demonstrate how seriously we take this as much as our clients do.
“And this is the final permission we need to go and play in this industry and really make a difference.”
The team at CovertSwarm is driven by a single objective –
To constantly compromise the security of our clients through the deep detection of blind spots within their cyber defences and technology stacks before real threat actors are able to exploit them.
Our continuous client-focused cyber intelligence gathering, simulated attack, clear vulnerability reporting, live ethical hacker interaction capability and follow-up education services challenge the status quo of a cyber market in desperate need of modernisation.
Organisations seeking higher degrees of cyber assurance and security confidence than those offered by ‘snapshot’ penetration testing and red team engagements are increasingly partnering with us. They agree that ‘point in time’ testing is no longer enough to secure their organisations, and it is through this shared ethos that CovertSwarm challenges everything that has so far been considered to be ‘standard’ in today’s cyber vendor market.