Buying & Building Cyber Services icon
Back
Accreditation Pathway & Membership icon
Back
Skills, Certifications & Careers icon
Back
News, Events & Research icon
Back
About Us icon
Back
Login to profile
Join Today Find a Supplier
Home  »  News   »   GTIA selects CREST Members to help ensure MSPs adhere to cyber best practices

GTIA selects CREST Members to help ensure MSPs adhere to cyber best practices

Released: 30 April 2025

The Global Technology Industry Association (“GTIA”) (formerly the CompTIA Community), have chosen to exclusively use CREST Member companies to assess Managed Service Providers (“MSPs”) for their Cybersecurity Trustmark.

The GTIA Cybersecurity Trustmark has at its foundation the Center for Internet Security’s (CIS) 18 Critical Security Controls, as well as controls from other globally recognized frameworks, to form industry-accepted best practices.

CREST Members with the CIS Controls Accreditation will be eligible to support GTIA. More information can be found here: GTIA Cybersecurity Trustmark

GTIA’s full press release is copied below:

Global Technology Industry Association, CREST and CIS team to ensure MSPs adhere to cyber best practices

New partnership provides independent view into assessments of managed service providers’ security prowess.

OAK BROOK TERRACE, Ill., April 30, 2025 — The Global Technology Industry Association (GTIA), the nonprofit membership community connecting and representing the worldwide IT channel, today announced a joint initiative with CREST, an international not-for-profit accreditation and certification body, that will ultimately help managed service providers (MSPs) and other tech organizations prove their cybersecurity prowess.

The agreement gives CREST the ability to accredit third-party assessors for the GTIA Cybersecurity Trustmark, an assurance based on the Center for Internet Security’s (CIS) 18 Critical Security Controls, as well as controls from other globally recognized frameworks, to form industry-accepted best practices.

Currently, GTIA uses CREST-accredited VerSprite as an independent third-party assessor for the GTIA Cybersecurity Trustmark. Now, CREST will help accredit potential assessors using the CIS Controls Accreditation as more MSPs, solution providers and other tech organizations seek the GTIA Cybersecurity Trustmark assurance.

“Having an independent, separate entity to vet and approve companies to assess the Trustmark helps to ensure integrity in the entire assessment process,” said Wayne R. Selk, vice president of cybersecurity programs at GTIA.

Reaching and adhering to a standard set of security controls is a high priority for many MSPs and many clients now need their tech partners to prove their security prowess. GTIA selected CREST to help with assessors’ accreditation because of CREST’s experience with CIS controls, much of which serves as the framework for the GTIA Cybersecurity Trustmark.

“We spent a lot of time developing the GTIA Cybersecurity Trustmark to be a globally recognized assurance that MSPs meet certain standards and are capable of adhering to certain cybersecurity controls and protocols,” Selk said. “As the number of MSPs holding the Trustmark increases, we will need more assessors to manage the pipeline of both initial assessments and renewals. Partnering with a leader in the cybersecurity accreditation space like CREST will help GTIA expand the reach and scope of the GTIA Cybersecurity Trustmark.”

“Partnering with two other cyber non-profits to push forward cyber resilience in the MSP sector,” said Nick Benson, CEO of CREST, “is exactly the kind of meaningful and active collaboration we need more of across the cybersecurity ecosystem. We are confident that the shared endeavors of CREST, GTIA and CIS will materially drive forward standards and quality in this critical sector.”

About the Global Technology Industry Association  

The Global Technology Industry Association (GTIA) is the only vendor-neutral, 501(c)(6) nonprofit membership community connecting and representing the worldwide IT channel. We set our members up for success by providing benefits that include trusted resources and networking opportunities. In addition, the association sets industry standards that enable companies to build sustainable, secure and profitable businesses in an ever-changing technology landscape. Internationally, GTIA represents tens of thousands of professionals from more than 2,000 MSPs, solution providers, vendors, distributors and other companies serving the IT channel. GTIA was formerly known as the CompTIA Community (the membership arm of CompTIA). For more information, visit gtia.org.   

About CIS

The Center for Internet Security, Inc. (CIS®) makes the connected world a safer place for people, businesses, and governments through our core competencies of collaboration and innovation. We are a community-driven nonprofit, responsible for the CIS Critical Security Controls® and CIS Benchmarks™, globally recognized best practices for securing IT systems and data. We lead a global community of IT professionals to continuously evolve these standards and provide products and services to proactively safeguard against emerging threats. Our CIS Hardened Images® provide secure, on-demand, scalable computing environments in the cloud. CIS is home to the Multi-State Information Sharing and Analysis Center® (MS-ISAC®), the trusted resource for cyber threat prevention, protection, response, and recovery for U.S. State, Local, Tribal, and Territorial government entities. To learn more, visit CISecurity.org or follow us on X: @CISecurity.