CompTIA & FortMesa Look to Build Scalable Cyber Credibility Model for MSPs and IT Pros

CompTIA and FortMesa pen an agreement to strengthen the cybersecurity culture of global MSPs, IT service providers.

Spencertown, N.Y.-based FortMesa’s Continurisk Governance, Risk and Compliance (GRC) platform will be deployed to support the new Trustmark program from CompTIA. CompTIA is, of course, the Downers Grove, Ill.-based nonprofit association for the global technology industry and workforce.

“The work CompTIA is doing in building a scalable cyber credibility model for MSPs and other IT providers is core to the FortMesa ethos and an essential part of rebuilding public trust in outsourced information technology systems – we’re all very excited to support this mission,” says Mathew Fisch, founder and CEO of FortMesa.

FortMesa’s GRC platform will:

  • Allow CompTIA Cybersecurity Trustmark applicants to track progress in addressing and completing the standards outlined in Trustmark documentation.
  • Be accessible to CompTIA members as they enroll in the Trustmark program.
  • Provide actuarial insights and feedback to the Trustmark program.

CompTIA & FortMesa Cybersecurity Trustmark Process

“MSPs will be able to measure the effectiveness of their evolving security program as they progress through the Trustmark process. The addition of FortMesa as a Cybersecurity Programs partner and the inclusion of its GRC platform are exciting and important developments for our Trustmark program and for the global MSP community,” says Wayne Selk, vice president, cybersecurity programs at CompTIA, in a statement.

The CompTIA Cybersecurity Trustmark details a clear path for MSPs to achieve foundational cybersecurity hygiene, laying the groundwork for a functional security program within the organization.

The Trustmark maps to several control frameworks recognized as industry-accepted best cybersecurity practices, including the Center for Internet Security Critical Security Controls, ISO/IEC 27001, the National Institute of Standards and Technology (NIST) SP 800-171, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and the New York Department of Financial Services (NYDFS) Cybersecurity Regulation.

Another version of this article originally appeared on our sister-site My TechDecisions on June 5, 2023. It has since been updated for Commercial Integrator’s audience.