The GTIA Cybersecurity Trustmark was launched in 2023 and is an assurance offered to Managed Service Providers (MSPs) who adhere to industry-supported cybersecurity best practices and controls. The Trustmark, grounded in the Center for Internet Security’s (CIS) 18 Critical Security Controls and other esteemed frameworks, serves as a sound strategic step for MSPs catering to diverse compliance and regulatory requirements. Earning the Trustmark allows MSPs to stand out by showcasing that they have met or surpassed industry standards.
The GTIA Security Trustmark+ is an offering based on the NIST Cybersecurity Framework. It provides MSPs with a cost-effective pathway to demonstrate compliance with key industry regulations such as PCI-DSS, SSAE-16, and HIPAA.
The need for the GTIA Cybersecurity Trustmark stems from the challenges MSPs face serving clients in diverse industries with varying compliance and regulatory mandates. With the Trustmark designation, MSPs will differentiate themselves from the competition while providing third-party evidence to clients that they employ robust cybersecurity best practices and current compliance standards.
The SureShield platform simplifies GTIA Cybersecurity Trustmark assurance by automating technical controls and guiding MSPs through operational controls. SureShield’s automation reduces overall assurance costs by as much as 70% compared to traditional, labor-intensive methods. For organizations requiring compliance with multiple frameworks, crosswalk automation drives cost savings of up to 90%.
An organization must prove that it follows the best cybersecurity practices.
Verification by a third-party evaluator is needed to show that the organization meets all the criteria established by the GTIA Security Trustmark.
A comprehensive review is conducted, including operating procedures, organization, tools, systems, and customer reviews.
GTIA awards Trustmark assurance to those who uphold the highest standards.
Companies participating in the GTIA Cybersecurity Trustmark program follow a structured approach to achieve three key milestones:
The readiness path assists Managed Service Providers (MSPs) in establishing their current security and risk standing. This involves conducting a gap analysis and, if needed, obtaining mentorship.
Subsequently, the self-attestation path involves an audit review of select controls, generating a comprehensive report that outlines necessary actions and additional milestones to progress towards obtaining the Trustmark assurance.
The final stage entails a thorough audit of all controls and the submission of requisite evidence. Following the audit review, a report is issued. Upon approval by the auditor, the application proceeds to the Accreditation Board for final review, acceptance, and acknowledgment, culminating in the awarding of the Trustmark assurance.
Activate GTIA Cybersecurity Trustmark framework
Install scanner for compliance evidence gathering
Review baseline evidence to score compliance control status
Close compliance gaps
Ongoing compliance and gap surveillance
Enforced maintenance of compliance readiness
Do you need help assessing your compliance readiness? Learn how our automated crosswalk technology will dramatically reduce your labor requirements. Schedule your free consulting session, up to 1 hour.