Cloud 101CircleEventsBlog

CSA Official Press Release

Published 10/20/2022

Cloud Security Alliance Partners with SecurityScorecard

Cloud Security Alliance Partners with SecurityScorecard

Agreement will help speed the advancement of continuous cyber risk monitoring across industries

SEATTLE Oct. 20, 2022 – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, today announced that it has partnered with SecurityScorecard (SSC), a market-leading provider of cyber risk ratings, in a move that will enhance members’ ability to evaluate their own risk posture, as well as that of third-parties with which they work.

Specifically, the partnership will allow all CSA members to take advantage of a complimentary SecurityScorecard Enterprise License, giving members the ability to benchmark themselves against CSA Cloud Controls Matrix (CCM) while they continuously monitor the external cybersecurity posture of their own organizations and that of up to five suppliers, vendors, or competitors. Existing SSC members have the ability to monitor five additional organizations with the starter license.

“Companies today are struggling to understand their own security risk posture, let alone that of the companies with which they do business,” said Jim Reavis, co-founder and CEO, Cloud Security Alliance. “This knowledge gap opens them to security vulnerabilities, and puts them at risk for data breaches, lost business, and the ensuing damage to their reputations. By providing organizations with another tool with which to evaluate risk, we are helping them to further strengthen their cybersecurity posture.”

SecurityScorecard ratings evaluate an organization’s cybersecurity risk using data-driven, objective, and continuously evolving metrics that provide visibility into any organization’s information security control weaknesses, as well as potential vulnerabilities throughout the supply chain ecosystem. With the Enterprise Starter license, companies will be able to:

  • Continuously monitor their digital ecosystem to identify the most pressing areas of cyber risk
  • Leverage automated, scalable third-party risk management tools to monitor more organizations without the need for additional resources
  • Automatically track their compliance posture to minimize the risk of regulatory penalties
  • Build trust among customers and partners

"We are thrilled to partner with CSA, a thought-leader driving the adoption of practical and effective controls that account for the dynamic and complex environments that today's businesses operate across. Through our partnership, SecurityScorecard will be delivering the benefits of cyber risk ratings to CSA members, while giving CSA members and SecurityScorecard customers the ability to assess and continuously monitor themselves and their vendors against the controls contained within the CAIQ framework," said SecurityScorecard Vice President of Alliances Alex Rich.

For more information or questions regarding SecurityScorecard, please visit or email [email protected].

About SecurityScorecard
Funded by world-class investors, including Evolution Equity Partners, Silver Lake Waterman, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings, with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 30,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight. SecurityScorecard is the first cybersecurity rating company to offer digital forensics and incident response services, providing a 360-degree approach to security prevention and response for its worldwide customer and partner base. SecurityScorecard continues to make the world a safer place by transforming the way companies understand, improve and communicate cybersecurity risks to their boards, employees, and vendors. Every organization has the universal right to its trusted and transparent Instant SecurityScorecard rating. For more information, visit or connect with us on LinkedIn.

About Cloud Security Alliance
The Cloud Security Alliance (CSA) is the world’s leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, training, certification, events, and products. CSA's activities, knowledge, and extensive network benefit the entire community impacted by cloud — from providers and customers to governments, entrepreneurs, and the assurance industry — and provide a forum through which different parties can work together to create and maintain a trusted cloud ecosystem. For further information, visit us at, and follow us on Twitter @cloudsa.

Share this content on your favorite social network today!

About Cloud Security Alliance

The Cloud Security Alliance is a not-for-profit organization with a mission to promote the use of best practices for providing security assurance within Cloud Computing, and to provide education on the uses of Cloud Computing to help secure all other forms of computing. The Cloud Security Alliance is led by a broad coalition of industry practitioners, corporations, associations and other key stakeholders. For further information, follow us on Twitter @cloudsa.

For press inquiries, email Zenobia Godschalk of ZAG Communications or reach her by phone at 650.269.8315.