CompTIA adopts federal framework for cybersecurity

The major IT industry group CompTIA has tweaked its security certification program to match the National Institute of Standards and Technology (NIST) cybersecurity framework.

CompTIA has board members from Comcast, Dell, Hewlett-Packard and Xerox. Its CompTIA Security Trustmark+ program evaluates companies’ cybersecurity architecture.

“We’ve strengthened the underpinnings of the Trustmark so that it aligns with other rigorous security compliance standards,” said Nancy Hammervik, CompTIA senior vice president for industry relations.

{mosads}Industry groups and government departments have been the main proponents of the federal framework. Surveys show small businesses have largely yet to discuss, let alone implement, the guidance for guarding against hackers.

One health IT industry group told NIST that awareness of the framework in the healthcare sector is “modest,” and that adoption is “likely to be very small.”

Last week, the National Cyber Security Alliance partnered with the International Franchise Association to bring basic cybersecurity measures based on the NIST framework to popular franchises such as 7-Eleven, Dairy Queen, Jiffy Lube, Papa John’s and KFC.

CompTIA has roughly 40 companies in the Trustmark+ program.

Hammervik noted those companies undergo independent audits to earn accreditation.

“Customers can rest assured that their data is being handled by an organization that takes security seriously and professionally,” she said.