cyber trust mark page 1
cyber trust mark page 2

Cyber Trust Mark Core Requirements

> Identify

Understand & manage cybersecurity risks to systems, assets, data, & capabilities.

Categories include:

  • Asset management
  • Business environment
  • Governance
  • Risk assessment 
  • Risk management strategy
  • Supply chain risk management

> Protect

Develop & implement safeguards to ensure critical services & data are delivered securely.

Categories include:

  • Identity management & access control
  • Awareness & training
  • Data security
  • Information protection process & procedures
  • Maintenance
  • Protective technology

> Respond

Take action when a cybersecurity event is detected to minimize its impact.

Categories include:

  • Response planning
  • Communications
  • Analysis
  • Mitigation
  • Improvements

> Detect

Identify cybersecurity incidents promptly.

Categories include:

  • Anomalies & events
  • Security continuous monitoring
  • Detection processes

> Recover

Recover services & operations after a cybersecurity incident.

Categories include:

  • Recovery planning 
  • Improvements
  • Communications