What is Tier 3 cybersecurity augmentation?

On-demand senior cybersecurity expertise (CISSP, CISA, or equivalent) that extends the capacity of an MSP or lean IT team.

Definition

Most MSPs and lean IT teams cannot economically maintain a full-time CISSP- or CISA-credentialled cybersecurity expert. Hiring and retention costs at that level often exceed what the MSP's revenue base can sustain. Yet senior-level cybersecurity work — incident response, audit defence, regulatory liaison, complex client-security questionnaires, sophisticated phishing investigations — still happens regularly enough to need the capability.

Tier 3 augmentation solves this by making senior cybersecurity expertise available on demand. The MSP retains the client relationship and Tier 1 / Tier 2 capacity; the augmentation provider delivers credentialled escalation when the situation requires it.

ThreeShield Information Security Corporation — the Calgary-based audit firm that built Lavawall® — offers Tier 3 augmentation for MSPs and lean IT teams across Canada, the United States, and globally. The model includes three engagement tiers: DIY (self-service via Lavawall®), Supported (CISSP/CISA-guided gap assessment, prioritised roadmap, quarterly reviews, white-label option for MSPs), and Done-for-you (full audit, evidence collection, policies and procedures, annual reassessment).

Core components

  • Senior cybersecurity expertise. CISSP, CISA, CISM, or similar credentialled professionals.
  • Incident response capacity. Active-incident triage, containment guidance, regulatory liaison.
  • Audit and compliance support. Audit defence, evidence packaging, framework interpretation, assessor liaison.
  • Client-facing senior credibility. When the MSP's client requires senior-level signoff (CISSP-signed risk assessment, audit-firm-led readiness for SOC 2 or PCI DSS), the augmentation provider supplies that.
  • White-label option for MSPs. The MSP's client need not see the augmentation provider directly; the work can be delivered under the MSP's brand.
  • On-demand engagement model. Tier 3 augmentation is typically engaged on retainer or hourly, not as full-time staff.

Why it matters

For MSPs and lean IT teams, the capability gap at Tier 3 is real: an active ransomware incident, a CMMC 2.0 audit, a PCI service-provider Level 1 assessment, or a regulator inquiry can't be handled by a Tier 2 generalist. Without Tier 3 augmentation, the MSP either declines the work, refers it out (losing the client relationship), or stretches into territory it isn't qualified for.

Tier 3 augmentation is also a credibility multiplier. An MSP whose response to “we need a CISSP-signed assessment” is “yes, we have a Tier 3 augmentation partner ready” wins deals an MSP with no answer can't win.

For lean IT teams in mid-market organisations, Tier 3 augmentation is the practical alternative to hiring a CISO when the organisation isn't large enough to need a full-time one.

How Lavawall® helps with Tier 3 cybersecurity augmentation

Lavawall® is the platform; ThreeShield is the audit firm and Tier 3 augmentation provider. The combination is deliberate: the platform handles the continuous security and compliance work; the audit firm handles the human-judgement and senior-signoff work the platform cannot.

ThreeShield holds CISSP and CISA credentials. For Lavawall® customers, ThreeShield Tier 3 augmentation is one engagement away when an incident, audit, or complex-compliance question arises.

Engagement tiers cover the spectrum: DIY (Lavawall® alone for MSPs and IT teams that want self-service), Supported (CISSP/CISA-guided augmentation for MSPs and lean IT teams), Done-for-you (full audit and compliance delivery for organisations that want the work done under one relationship).

Frequently asked

What's the difference between Tier 3 augmentation and MDR?
MDR is 24/7 detection-and-response for endpoint and cloud signals. Tier 3 augmentation is senior cybersecurity expertise for incident response, audit defence, and complex compliance work — broader scope, typically not 24/7. They complement each other.
Is Tier 3 augmentation white-label?
ThreeShield offers white-label Tier 3 augmentation for MSPs whose clients should see only the MSP's brand. The MSP retains the client relationship; ThreeShield delivers behind the scenes.
Do I have to use Lavawall® to engage ThreeShield?
ThreeShield engages MSPs and lean IT teams that don't use Lavawall® as well. The combination of Lavawall® + ThreeShield Tier 3 is the most efficient model, but ThreeShield's audit and compliance services are platform-agnostic.