The emergence of innovative technology solutions is the definition of a catch-22. On one hand, evolving technology opens doors, advances opportunities and has the potential to enhance our quality of life. But on the other hand, our ever-increasing digital lifestyle can’t help but attract bad actors whose sole mission is to exploit vulnerabilities. This is why cybersecurity is a huge priority for CompTIA—and should be for everybody in the business of technology.
The Importance of Cybersecurity
The CompTIA 2021 Industry Outlook points to zero trust as the paradigm that will guide new cybersecurity practices. Basically, instead of trusting any network behavior or user access that appears to come from a secure location, everything must be verified. Of course, this requires up-front risk analysis, recognizing that data and applications need to be secured individually, and continuously monitoring the entire operation to check for anomalies and overall health.
While absolute security is a myth currently, we can get to a place where our approach is based on what you can do to prevent an attack, how you can mitigate the risk of a possible attack, and what to do if you have been attacked. How does the technology industry collectively get to that place—and then make sure our customers also get there? It starts with sharing what we’ve learned with a trusted group of peers and being a CompTIA member gives you the opportunity to do just that.
CompTIA’s Cybersecurity Watering Holes
Think of CompTIA as a gathering place. It’s the hub where people working in the business of technology, like you, pose questions, contribute advice, share experiences and teach others. When it comes to cybersecurity, CompTIA membership, as well as CompTIA ISAO membership, provides you with everything from industry leading-research and standards, a variety of ways to get involved with groups dedicated to security topics, events and education, and access to timely and actionable cyber threat intelligence.
Let’s explore what CompTIA has to offer members:
- The CompTIA Information Sharing and Analysis Organization (ISAO) tailors proactive threat intelligence and actionable analysis to meet the needs of technology vendors, MSPs, MSSPs, solution providers, integrators, distributors, business technology consultants and their customers. Members also have access to the Cyber Forum, a trusted peer community.
- The Cybersecurity Community helps technology providers become market-ready and find smart ways to monetize cybersecurity. Members of this community are making a difference by working together to create resources that can help you grow your business and benefit your customers.
- The Cybersecurity Advisory Council works closely with the two groups listed above to develop the tools and resources that tech companies can use to increase the cyber resilience of the IT industry and accelerate the adoption of best practices.
- Our Federal Cybersecurity Committee, housed within the Federal Procurement Council, provides public sector members an opportunity to stay up to date on policy and regulatory issues, connect with key government officials and advocate for effective cybersecurity policies through exclusive events and programing.
- The CompTIA Security Trustmark+ is based on the NIST Cybersecurity Framework and provides a cost-effective path for demonstrating compliance with key industry regulations such as PCI-DSS, SSAE-16, HIPAA and others reliant on the NIST framework. The CompTIA Channel Standard: Cybersecurity is another valuable resource for CompTIA members. Based on the NIST framework, it provides best practices for establishing an effective cybersecurity program.
- CompTIA cybersecurity certifications include Security+, CompTIA Cybersecurity Analyst (CySA+), CompTIA Advanced Security Practitioner (CASP+) and CompTIA PenTest+. These IT certifications validate the cybersecurity skills needed in today’s market. Members receive a 10% corporate member discount on all CompTIA certifications and training programs.
- CompTIA also can help members with workforce solutions, including programs to help close the cybersecurity skills gap and IT training opportunities through Creating IT Futures and the CompTIA Tech Career Academy.
These groups and programs work in tandem to advance the cybersecurity of the tech industry as a whole. Participating in these groups or utilizing their thought leadership benefits your company, your clients, their clients—and the list goes on.
CompTIA ISAO Membership
An Information Sharing and Analysis Organization (ISAO) is a trusted community that actively collaborates to identify and disseminate information about cybersecurity threats. The CompTIA ISAO has over 1,050 members and partners with likeminded organizations to obtain threat feeds and provide a comprehensive library of data to analyze. Our vendor-neutral, member-led community uses the Cyber Forum to collaborate with one another, share best practices and access these threat intelligence reports. As an add-on to CompTIA corporate membership, any company working in the business of technology can join to increase their cybersecurity resiliency.
“We are in a time of unprecedented and malicious hacking activity, much of which is targeted specifically at technology product, service and solution companies,” said MJ Shoer, executive director of the CompTIA ISAO. “Many of these companies had no other option but to go it alone in defending against these threats.”
But not anymore. Membership in the CompTIA ISAO brings these businesses together to leverage the collective know-how and power of the industry to deliver timely, relevant and actionable threat intelligence. This is how companies can protect themselves—and their customers—from ever-increasing cybersecurity threats.
CompTIA Cybersecurity Community
Sharing intelligence and new information in the cybersecurity space eventually leads to the development of best practices. Members of the Cybersecurity Community are champions for the secure and responsible adoption and management of technology solutions. This group aims to leverage best practices and advocate for advanced skills and diversity in the market.
Their focus aligns with the CompTIA ISAO's mission to strengthen and build on cybersecurity strategies, while also devising ways to capitalize on the need for cybersecurity in all businesses. Alex Rutkovitz Spigel, COO of Choice Cybersecurity and chair of CompTIA’s Cybersecurity Community, says she talks to customers every day who lack education and awareness of cyber risks.
“They say things like ‘We don’t have sensitive data,’” Rutkovitz Spigel said. “There’s a huge lack of communication internally. Finance doesn’t talk to HR. They have the same sensitive data, but they’re not using it in the same way, they’re not on the same page. We’re only as strong as our weakest link, and we’re protecting those weaknesses where we can.”
The Cybersecurity Community exists to help businesses identify and strengthen these weaknesses in their customers’ security postures. Deliverables like the Data Breach Response Planning Guide, the IT Security Perimeter Health Check, and the IT Security Risk Assessment Guide are products of this collaborative group and available to members.
Interested in improving your cybersecurity profile? Join today to network with experts.
CompTIA Cybersecurity Advisory Council
It’s not just customers that need help protecting against cyber threats. It’s critical for tech companies to continue their investments in both cybersecurity protocols as well as developing the next generation of resources that will be required to protect assets. This is the job of the Cybersecurity Advisory Council, CompTIA’s thought leadership group comprised of member-experts from a multitude of disciplines. These members work together to offer guidance and the tools necessary to help tech businesses stay ahead of the security curve.
“How do we help partners stay ahead of attacks? Keep it simple,” said Tracy Holtz, director of security solutions at Tech Data, co-chair of CompTIA’s Cybersecurity Advisory Council, and council liaison to the CompTIA ISAO. “There are very elementary skills lacking in IT organizations today that are creating vulnerabilities. Businesses of all sizes need a sharp focus on lowering their risk and being more resilient. That means more technology, more education, more collaboration from MSPs and other solution providers.”
Technology companies are in a position to do more to advance our collective cyber resilience. The Cybersecurity Advisory Council agrees that we need more conversation, more education and more innovation in order to lead the way—and they have specific goals on how to accomplish that in 2021.
Over the last decade we’ve been emphasizing that every company is now a technology company, but understanding and using technology simply isn’t enough anymore. Securing technology, if you want to mitigate the risk of a cyberattack, is critical. There’s strength in numbers, and we’re certainly better together.
Get access to everything CompTIA membership has to offer your business. Learn more about the benefits of membership.
This article is part 5 in a series designed to break down CompTIA member benefits in a meaningful way for organizations and individuals alike. Read part 1, part 2, part 3 and part 4. In part 6, you’ll learn more about our focus on leveraging emerging tech to aid in the transition of selling services to selling solutions.