CSA Security Update

CSA CAIQ-Lite – When is a more Streamlined Vendor Security Assessment option applicable? Guest: Nick Sorensen, CEO, Whistic

John DiMaria; Assurance Investigatory Fellow

CSA and Whistic identified the need for a lighter-weight assessment questionnaire in order to accommodate the shift to cloud procurement models, and to enable cybersecurity professionals to more easily engage with cloud vendors. CAIQ-Lite was developed to meet the demands of an increasingly fast-paced cybersecurity environment where adoption is becoming paramount when selecting a vendor security questionnaire. CAIQ-Lite contains 73 questions compared to the 295 found in the CAIQ, while maintaining representation of 100% of the original 16 control domains present in The Cloud Controls Matrix (CCM) 3.0.1.

Listen as we talk with our guest Nick Sorensen, CEO of Whistic and discuss the research and statistical analysis that went into the creation of the CAIQ-Lite along with some use cases of how and when it should be used.

https://cloudsecurityalliance.org/star/