Industry Insights

Read the latest cloud security news, trends, and thought leadership from subject matter experts.

Industry Insights
Why use the CAIQ for vendor analysis vs. other questionnaires?

Published: 04/04/2020

By John DiMaria, Assurance Investigatory Fellow, Cloud Security AllianceSecurity assessments, security questionnaires, vendor assessments, RFPs are all unavoidable in today’s world of cloud computing and drain valuable resources and time when completing them. However, they’re a big part of closin...

It's all about the Data! - Preventative Security

Published: 10/08/2019

By John DiMaria, Assurance Investigatory Fellow, Cloud Security AllianceI have always said I am a "data guy." Decisions made with data eliminate all bias, opinions, and ad hoc decisions that cause potential costly moves.In my most recent podcast interview with Phillip Merrick, CEO of Fugue, he di...

CAIQ V3 Updates

Published: 09/17/2019

Cloud Security Alliance (CSA) would like to present the next version of the Consensus Assessments Initiative Questionnaire (CAIQ) v3.1.The CAIQ offers an industry-accepted way to document what security controls exist in IaaS, PaaS, and SaaS services, providing security control transparency. It pr...

Using The CAIQ-Lite to Assess Third Party Vendors

Published: 07/01/2019

By Dave Christiansen, Marketing Director, WhisticThe mere mention of “security questionnaires” can evoke thoughts of hundreds of questions aimed at auditing internal processes in order to mitigate third party risk. This typically means a lengthy process prime to be optimized. While we don’t disag...

CSA STAR – The Answer to Less Complexity, Higher Level of Compliance, Data Governance, Reduced Risk and More Cost-Effective Management of Your Security and Privacy System

Published: 03/28/2019

By John DiMaria, Assurance Investigatory Fellow, Cloud Security AllianceWe just launched a major refresh of the CSA STAR (Security, Trust and Assurance Risk) program, and if you were at the CSA Summit at RSA, you got preview of what’s in store. So let me put things in a bit more context regarding...

Introducing CAIQ-Lite

Published: 03/01/2019

By Dave Christiansen, Marketing Director, Whistic The Cloud Security Alliance and Whistic are pleased to release CAIQ-Lite beta, a new framework for cloud vendor assessment. CSA and Whistic identified the need for a lighter-weight assessment questionnaire in order to accommodate the sh...

Browse by Topic