What we're about
Upcoming events (1)
Join us November 18th at 11:30am Central Time to learn how the CAIQ and CCM can equip your organization with the tools necessary to properly assess potential cloud technologies using commonly accepted industry standards and documented security controls.
In 1997, Professor Ramnath Chellappa of Emory University coined the term, "Cloud." 5 years later, Amazon Web Services (AWS) launched its initial public cloud offering in 2002. By 2018, the global cloud computing market exceeded $270B; and recent events, like the COVID-19 pandemic, have served as accelerants for this cloud explosion with expectations to exceed $620B by 2023.
Along with this voracious appetite for cloud technologies, numerous security vulnerabilities have been exposed; and today, one of the most critical challenges for many organizations is understanding how to evaluate potential cloud service providers.
Since 2008, the Cloud Security Alliance (CSA) has defined standards, certifications, and best practices to help ensure secure cloud environments. The Consensus Assessments Initiative Questionnaire (CAIQ - pronounced "CAKE") is a CSA survey designed to give consumers and auditors the ability to assess the security capabilities and Cloud Controls Matrix (CCM) compliance of cloud service providers.
The CCM is a CSA cybersecurity control framework for cloud computing composed of more than 130 control objectives across 16 domains of cloud technology, such as:
Application and Interface Security
Audit Assurance and Compliance
Business Continuity Management and Operations Resilience
Change Control and Configuration Management
Data Security and Information Lifecycle Management
Encryption and Key Management
Governance and Risk Management
Identity and Access Management
Infrastructure and Virtualization Security
Interoperability and Portability
Security Incident Management, E-Discovery, and Cloud Forensics
Supply Chain Management, Transparency and Accountability
Threat and Vulnerability Management