Skip to content ↓ | Skip to navigation ↓

Leading tech companies, including Uber, Twitter, Dropbox and Square, recently announced their collaboration to form the Vendor Security Alliance – a new coalition committed to improving cybersecurity standards.

The VSA aims to establish cybersecurity standards that businesses can use to assess the security of potential third-party providers.

The alliance will be releasing a yearly security and compliance questionnaire to help companies benchmark vendor risk using a predetermined set of criteria, controls and practices.

“Every day, industries across the globe depend on each other to embrace sound cybersecurity practices: yet in the past companies have not had a standardized way to assess the security of their peers,” read the VSA’s mission statement.

“The VSA was formed to solve these issues and streamline vendor security compliance,” said the group, noting other benefits, such as saving time and money that companies would otherwise spend during an individual evaluation.

“It will also improve security across the board for consumers by promoting and recognizing companies that exercise sound cybersecurity practices, making the Internet safer for everyone,” the alliance said.

According to a press release, the VSA will release the first questionnaire free of charge on October 1, 2016.

Overarching topics will include:

  • Service Overview
  • Policies and Standards
  • Software Supply Chain
  • Data Protection and Access Controls
  • Proactive Security
  • Reactive Security
  • Compliance

Uber’s Head of Compliance Ken Baylor spearheaded the initiative and will serve as the VSA’s president. Other founding companies include: Airbnb, Atlassian, Docker, Dropbox, GoDaddy, Palantir, Square, and Twitter.

“Ensuring the vendors you work with have secure Internet practices is just as important as maintaining such practices at your own company,” said Baylor. “The VSA can be a gamechanger for businesses around the globe by solving their vendor compliance and security issues.”