Download Publication
Streamlining Vendor IT Security and Risk Assessments
Release Date: 12/09/2018
Working Group: Open Certification Framework
In this paper, the Cloud Security Alliance (CSA) and the National Technology Security Coalition (NTSC) advocate for a new approach to how organizations manage risks, achieve assurance, and enable trust in the cloud. We encourage all stakeholders to increase their level of collaboration while utilizing existing standards and open tools. Through this document, we make it clear that the future of cybersecurity, the future of cloud security, and the resilience of our economy, is largely in the hands of the consumers of cloud services.
Key Takeaways:
- How new technologies are significantly changing the cloud
- The ways in which the cloud is shifting information security best practices
- The state of IT regulatory environments related to cloud computing
- The unique challenges that cloud computing poses to vendor management
- The CSA resources you can use to create consistency, greater accountability, and security within the cloud ecosystem, such as the STAR Program, CCM, and CAIQCloud provider vetting best practices
- Tips for rolling out cloud provider vetting programs and improving existing programs
- Advanced program tools and insights that can help you get more out of your cloud provider vetting and assessments, such as our STAR cloud assurance certification
Download this Resource
Prefer to access this resource without an account? Download it now.
Acknowledgements
John Yeoh
Global Vice President of Research, CSA
With over 15 years of experience in research and technology, John excels at executive-level leadership, relationship management, and strategy development. He is a published author, technologist, and researcher with areas of expertise in cybersecurity, cloud computing, information security, and next generation technology (IoT, Big Data, SecaaS, Quantum). John specializes in risk management, third party assessment, GRC, data protection, incid...
Hillary Baron
Senior Technical Director - Research, CSA
Luciano (J.R.) Santos
Chief Customer Officer, CSA
J.R. Santos serves as the Chief Customer Officer for the Cloud Security Alliance. In this role, J.R. serves as a CSA Member advocate, partnering with leaders across all business units to transform the member experience and ensure that members are the center of every business decision. J.R. leads the Experience Services organization that includes the CSA Membership and Sales team, who work collaboratively to promote a consistent experience f...
Frank Guanco
Research Program Manager, CSA
Sean Heide
Technical Research Director, CSA
Aaron Guzman
Aaron is a passionate information security professional specializing in IoT, embedded, and automotive security. He is co-author of the “IoT Penetration Testing Cookbook” and a technical editor for the "Practical Internet of Things Security” Packt Publishing books. Aaron is co-chair of CSA’s IoT working group as well as a leader for OWASP’s IoT and Embedded Application Security projects; providing practical guidance to address the most commo...
Jim Reavis
Co-founder and Chief Executive Officer, CSA
For over 30 years, Jim Reavis has worked in cybersecurity industry as an entrepreneur, writer, speaker, technologist and business strategist. Jim’s innovative thinking about emerging trends have been published and presented widely throughout the industry and have influenced many.
Jim launched Cloud Security Alliance (CSA) in 2009 and has led its global growth and position as among the most vital cybersecurity communities worldwide. Under...
Pete Chronis
Patrick Gaul
Interested in helping develop research with CSA?
Related Certificates & Training
Learn more