News & Press Releases

Four ways to use the Cloud Security Maturity Model

With a name like, Cloud Security Maturity Model, you may be one of the CISOs who think: 

  • Sounds like a lot of work.
  • Where does my organization sit?
  • How do we advance?
  • Why should I care?



And if any of those questions strike a chord with you then that’s exactly why you should care. We all need to care. And we all need to leave the legacy ways of practicing security behind us. Way behind us. The Cloud Security Maturity Model (CSMM) is here to help us be better security leaders. It provides a systematic way to assess and mature your risk management and give cloud security the attention it deserves within your organization. Here are four ways it does so:  


  • The CSMM is a framework to level set the security conversation within your organization. It’s extremely useful to assess where you are today and where you want to go. You need to make a point of acknowledging where you are at this moment so you can celebrate all the progress. You can take an online diagnostic now.


  • It’s a guide for you to assess current and future vendors and partners. It’s a chance to challenge your current vendors. Or collaborate and, in some cases, innovate with them. In the end, whoever is not helping you mature your cloud security should be reconsidered. 


  • It’s a model to help you understand how culture will need to shift within your organization and how to deepen the current security conversations you’re having with your developers, board members and peers to get everyone ready for those shifts. 


  • It allows you to see the future of security. It helps you see the path for all the things you’re trying to turn into standard security practice–whether it be leveraging security-as-code, practicing Zero Trust, or enabling automation everywhere. This model shows you a guide on how to get there.


All of these points, and more, are discussed in the webinar, “How to put the Cloud Security Maturity Model into practice”. A conversation with Fausto Lendeborg, CEO and Founder at Secberus and John Yeoh, VP Global Research with Cloud Security Alliance.

Make sure to listen, and more importantly, contribute, to this ongoing conversation. As John states,

The evolution of the industry is so important. It’s a big mistake to be resistant to the advancement of technology. If you’re resisting the cloud, you’re resisting moving forward. It’s important to move forward and understand what the future is going to look like…

The Cloud Security Maturity Model helps you to move forward. That is its purpose. If you want to be in active discussions around this topic, visit the Cloud Security Alliance. You can start by:


And make sure to listen to the full conversation here

In this consumer driven world, protecting data is at the center of it all. If you’re not building security into the foundational aspects of your cloud strategy right now, you need to start.  


Reference Cloud Security Maturity Model:



Suggested Reading

Secberus has just announced a significant milestone: the graduation of Cloudflare configuration governance from Beta to General Availability (GA). This...
And it’s all thanks to SAP who isn’t even a partner or customer (yet)….   Jeroen Thoden van Velzen‘s blog...
The Secberus cloud governance platform just graduated Okta configuration governance from Beta to GA. Users can now connect Okta to...

We don’t send a lot of emails, but when we do, it’s definitely worth it.

Sign up for our newsletter below.