TrustMAPP Launches vCISO Program

Published On: March 29, 2021Categories: News

Provides Virtual Chief Information Security Officers A SaaS Platform To Run Their Practice

Minneapolis, MN – March 30, 2021 – TrustMAPP today introduced a new program aimed at Virtual CISOs. TrustMAPP’s Security Performance Management (SPM) platform gives vCISOs the ability to manage cyber security as a business, rapidly understanding their clients’ current security maturity and then making consistent, prioritized plans to improve.

The TrustMAPP vCISO ecosystem continues to grow rapidly, with CyberSix and Big Fly among the vCISOs that have joined in the last year.

These vCISOs have all realized that traditional GRC tools are inadequate for today’s demands, something that Forrester Research recently wrote about: “Technology that ceases to deliver value daily will soon be replaced by a competitor that does. The governance, risk, and compliance (GRC) platform market is no exception.” – “Forrester Infographic: GRC Adoption Is Growing, But Platforms Fail To Wow”

“Enterprise security teams are moving away from point-in-time security assessments to related solutions that provide security performance management,” said Dr. Edward Amoroso, CEO of TAG Cyber. “These SPM engagements are continuous in nature, and include findings based on a continuous and repeating cycle of assessment, reporting, modeling, and remediating. Security assessment teams are well-suited for these on-going SPM engagements, so this might represent the future of enterprise security consulting.”

No matter the size of an organization, demand for vCISOs is climbing. Large organizations searching for a fulltime CISO will turn to a vCISO to “keep the seat warm” and maintain their security posture. Smaller organizations that don’t need a full-time CISO appreciate the ability to retain a vCISO for a few hours per month. Whoever their clients are, vCISOs benefit from TrustMAPP in multiple ways.

Build Their Practice

  • Foundational platform and consistent methodology across all clients
  • Focus on long-term improvements
  • More stable client base, increased revenue

Get Control

  • Quickly understand client security program maturity and gaps
  • Build security program maturity roadmaps
  • 50,000+ built-in remediation recommendations with budget estimates
  • Align security improvements with “First 100 Day” goals


  • Run what-if scenarios to prioritize and communicate remediating, based on costs and resource allocation
  • Real-time data visualization
  • Report on clients’ maturity against industry benchmarks

Rich Moore, founder and vCISO at CyberSix said, “For the past two decades, the approach to solving cybersecurity has been through over-purchasing of technology. While technology is a useful tool for automation and collection, the cost has become a primary topic at the Board level during fiscal discussions. All CISOs need to adopt a performance mindset to adapt.”

“To serve my clients in the long run, I need consistent visibility in security maturity year-over-year,” said Matt Klein, founder of Big Fly Consulting. “TrustMAPP is a foundational platform that supports my practice and lets me serve more clients.”

“We think that vCISOs are badly underserved by today’s IT GRC solutions, which are designed to be policy repositories requiring significant customization,” said Chad Boeckmann, founder and CEO of TrustMAPP. “Our automated SaaS platform eliminates the busy work, and gives vCISOs a consistent way to manage all their clients’ security programs.”