Global Resilience Federation Partners with TrustMAPP to Provide Security Performance Management to Members

Published On: August 11, 2020Categories: News

Herndon, VA, USA – August 11, 2020– Global Resilience Federation (GRF), a hub for cross-sector intelligence exchange, has partnered with TrustMAPP to offer its Security Performance Management (SPM) SaaS to member communities and affiliated organizations. TrustMAPP moves cybersecurity and privacy assessments from static, point-in-time snapshots to continuous, real-time visibility into a security program’s maturity.

“We’re very pleased to be working with TrustMAPP to offer detailed security analysis to cyber, compliance and executive teams so they can determine where their posture stands and where it should improve with appropriate planning and available resources,” said President Mark Orsi of GRF.

Given the growth in privacy regulations and security threats, organizations can increase efficiency and better manage risk through continuous visibility for stakeholders like the c-suite and board. Integrating with existing governance systems and security tools, TrustMAPP automates workflows and supports more than 50 security and privacy frameworks. The platform provides a catalog of thousands of remediation recommendation that include budget estimates to prioritize investments.

“We’re very happy to partner with GRF and assist its global mission, serving threat information sharing communities and their members. We know how important sharing communities are – our product wouldn’t exist if it weren’t for the global network of CISOs who have advised us,” said Chad Boeckmann, founder and CEO of TrustMAPP. “TrustMAPP grew out of our experience delivering security performance assessments to our clients at our previous professional services firm. TrustMAPP embodies everything we’ve learned about the best way to perform cybersecurity assessments.”

Through the partnership, TrustMAPP will provide GRF member communities and affiliated organizations one free security or privacy assessment, with full solution functionality, to be performed within 90 days. TrustMAPP supported frameworks and standards include NIST, CMMC, HIPAA, and GDPR. See the TrustMAPP Solutions page for a full list of capabilities.

“Generating roadmaps that align priorities for capital investment, human capital forecasting and security improvement can help organizations’ internal development, and more objectively, aid them in meeting external requirements like the new U.S. Department of Defense Cybersecurity Maturity Model Certification,” added Orsi.

Inquiries may be sent to Cynthia Camacho at


About GRF
Global Resilience Federation (GRF) is a non-profit hub and integrator for support, analysis, and cross-sector intelligence exchange among information sharing and analysis centers (ISACs), organizations (ISAOs), and computer emergency readiness/response teams (CERTs). GRF’s mission is to help assure the resilience of critical and vital infrastructure against threats that could significantly impact the orderly functioning of the global economy and general safety of the public. GRF members include Financial Services ISAC, Retail ISAO, Legal Services ISAO, Energy Analytic Security Exchange, Health ISAC, Professional Services Information Exchange, Oil and Natural Gas ISAC, Downstream Natural Gas ISAC, K12 Security Information Exchange, and Operational Technology ISAC. Learn more at, by visiting @GRFederation on Twitter or Global Resilience Federation on LinkedIn. Questions may be directed to Patrick McGlone at

About TrustMAPP

TrustMAPP delivers continuous Security Performance Management, giving CISOs a real-time view of their cybersecurity maturity. TrustMAPP tells you where you are, where you’re going, and what it will take to get there. From a single source of data, an organization’s security posture is visible based on stakeholder perspective: CISO, C-Suite, and Board. TrustMAPP gives organizations the ability to manage security as a business, quantifying and prioritizing remediation actions and costs. Please visit to learn more. General inquiries should be directed to Press and analyst inquiries should be sent to