CompTIA Strengthens Security Trustmark

Enhanced business credential is based on latest security best practices

CompTIA, the IT industry association, said recently its CompTIA Security Trustmark+ has been upgraded to match current industry-accepted best practices in cybersecurity.

The CompTIA Security Trustmark+ identifies organizations that adhere to the highest levels of information, personnel and environmental security. It is structured around the five basic tenets of data security: identify, protect, detect, respond and recover.

“With the guidance of experts from our IT Security Community, we’ve strengthened the underpinnings of the trustmark so that it aligns with other rigorous security compliance standards,” said Nancy Hammervik, senior vice president, industry relations, CompTIA.

The trustmark’s updated control framework now parallels the National Institute of Standards and Technology (NIST) Cybersecurity Framework, a consensus description of what’s needed for a comprehensive cybersecurity program. The trustmark also maps to other regulatory compliance standards, including ISO 27001:2013, PCI DSS v3.0, HIPAA and COBIT5.

CompTIA Security Trustmark+ is an audited program. This means companies seeking the credential must undergo an independent, annual security audit to earn and maintain the trustmark. Companies are evaluated in more than a dozen critical areas, including governance, risk assessment, access control, data security and employee awareness and training.

“Businesses that earn the CompTIA Security Trustmark+ have demonstrated through independent validation that they’ve adopted the security standards, guidelines and practices that are most effective at protecting both themselves and their clients,” Hammervik said. “Customers can rest assured that their data is being handled by an organization that takes security seriously and professionally.”

The CompTIA Security Trustmark+ is one of five business credentials available from CompTIA. These credentials help IT companies differentiate themselves as a leader with proven best practices and consistent customer service. For more information, visit http://www.comptia.org/trustmarks.

The updated CompTIA Security Trustmark+ replaces CompTIA’s Security Trustmark, which was introduced in 2008. Companies currently seeking the Security Trustmark credential are encouraged to complete the process by the end of 2014. CompTIA said today no new self-assessed Security Trustmarks will be awarded after March 31, 2015.

About CompTIA
CompTIA is the voice of the world’s information technology (IT) industry. Its members are the companies at the forefront of innovation; and the professionals responsible for maximizing the benefits organizations receive from their investments in technology. CompTIA is dedicated to advancing industry growth through educational programs, market research, networking events, professional certifications and public policy advocacy. For more information, visit CompTIA online (http://www.comptia.org/).