CSA Official Press Release
CSA Security Trust Assurance and Risk (STAR) Registry Reaches Significant Milestone with 1,000 Entries
Registry is world’s largest repository of cloud provider security testimonials
SEATTLE – Sept. 30, 2020 –The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment, announced today that its Security Trust Assurance and Risk (STAR) Registry, a publicly accessible listing which documents the security and privacy controls provided by popular cloud computing offerings, has reached a significant milestone. The STAR Registry has reached a total of 1,000 cloud services evaluated according to the principles of CSA’s STAR Program and the requirements of the Cloud Control Matrix (CCM).
The STAR Registry, which allows cloud customers to assess their security providers prior to making a procurement decision, has fast become a mandate for enterprise users as part of their third-party risk management program. This achievement further validates the value and relevance of the STAR Program, the industry’s most powerful program for security assurance in the cloud, to the cloud community. Since its inception in 2011, the program has become the industry’s leading cloud-specific program for governance, risk, and compliance.
"What began as a humble initiative to encourage transparency on the part of cloud providers, as well as alignment with Cloud Security Alliance’s best practices, has mushroomed into the world’s largest repository of cloud provider security testimonials. By requesting that their cloud providers are listed in CSA STAR, enterprises not only help secure their own journey to the cloud, they help improve the security baseline across the industry," said Jim Reavis, co-founder and CEO, Cloud Security Alliance.
The STAR Program framework provides a flexible, incremental, and multi-layered cloud-provider system that is recognized as the international, certifiable harmonized governance, risk management, and compliance solution. By utilizing the STAR Program and its accompanying tools (Cloud Controls Matrix, Consensus Assessment Initiative Questionnaire, and the GDPR Code of Conduct), enterprises are able to reduce complexity, which translates to reduced costs, decreased risk. and increased security.
“When we first announced the STAR registry nine years ago, our goal was to enhance industry transparency and encourage providers to make security capabilities a market differentiator. Nearly a decade later, we have achieved that and more. The industry has embraced STAR as an essential part of understanding one's security posture, and we are confident that the next nine years will bring additional tools and resources to provide organizations with greater levels of assurance,” said Daniele Catteddu, chief technology officer, Cloud Security Alliance.
CSA will continue to develop the STAR Program to better serve the cloud ecosystem and its need for trust with a series of near- and medium-term actions, including CCM v4 and STAR Continuous Auditing.
Learn more about how the STAR Program has become the leading program for cloud assurance, transparency, and accountability in STAR 1000 - The reason behind the STAR Program success story, a complimentary webinar on Oct. 27 at 1pm ET. Save your spot today.
About Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products. CSA’s activities, knowledge and extensive network benefit the entire community impacted by cloud — from providers and customers, to governments, entrepreneurs and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at www.cloudsecurityalliance.org, and follow us on Twitter @cloudsa.
Kari Walker for the CSA
About Cloud Security Alliance
The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, follow us on Twitter @cloudsa.
For press inquiries, email Zenobia Godschalk of ZAG Communications or reach her by phone at 650.269.8315.