IT Brief Asia - Technology news for CIOs & IT decision-makers
Asia
Guides
#
artificial intelligence
#
digital transformation
#
disaster recovery
#
hybrid & remote work
#
internet of things
Search
Story image
#
Cloud Security
#
Data Privacy
#
AI

Cloud Security Alliance launches initiative to automate compliance

Today
Author image
By Catherine Knowles, Journalist

The Cloud Security Alliance has established a new initiative, the Compliance Automation Revolution, to address the growing complexity of regulatory compliance in data security and privacy.

Organisations are facing mounting pressure to comply with an expanding array of data security and privacy laws, a trend accelerated by the proliferation of artificial intelligence technologies. The challenge is compounded by the increasing volume of data and technological advances that expand compliance requirements, leading to rising costs and diminishing returns in security improvement efforts.

The Compliance Automation Revolution (CAR) is a coalition supported by a range of industry partners, including Google, Oracle, Anecdotes, Coalfire, Deloitte Italy, Salesforce, Schellman, and Vanta. The initiative aims to offer practical and effective solutions to common compliance challenges, leveraging automation and collaborative frameworks to relieve the regulatory burden on organisations.

CAR's objectives include enhancing the quality of compliance, reducing associated risks and costs, and progressing towards regulatory harmonisation. The initiative also seeks to introduce real-time information exchanges between businesses and regulators to bolster assurance and cultivate greater trust within the wider ecosystem.

Jim Reavis, Chief Executive Officer and Co-Founder of the Cloud Security Alliance, stated, "With 16 years of thought leadership, cutting-edge innovation, and global expertise, CSA is uniquely positioned to lead the Compliance Automation Revolution. Through initiatives like the globally recognized Security, Trust, Assurance and Risk (STAR) program and vendor-neutral research, we've consistently prioritised the industry's evolving needs. Now, with the launch of CAR, we're shaping a future where compliance not only enhances security but does so efficiently - eliminating unnecessary costs and redundant efforts."

The CAR coalition intends to focus on four main action areas. The first involves automating the collection and sharing of compliance evidence through standardised, machine-readable formats. The second area is the integration of compliance checks earlier in the software development lifecycle through shift-left approaches. Thirdly, CAR aims to harmonise diverse regulatory frameworks into a common set of controls. The fourth area is the development of metrics and models to objectively quantify security and compliance risks, including the standardisation of effectiveness and assurance measurement.

Archana Ramamoorthy, Senior Director, Regulated and Trusted Cloud at Google Cloud and CAR Founding Member, commented, "Adhering to compliance is often viewed as a costly, point-in-time snapshot that lags behind the pace of innovation. CAR represents a vital industry collaboration to change that paradigm. By embracing automation, harmonisation, and 'compliance-as-code,' we're not just aiming to reduce audit fatigue; we're building a future founded on continuous, evidence-based trust that can finally scale with the dynamic nature of cloud and AI."

Anil Markose, GVP, Chief Compliance Officer for Oracle SaaS, said, "The Compliance Automation Revolution marks a strategic move toward aligning compliance and security as complementary forces. As the regulatory landscape grows more complex, and threats become more sophisticated, it is critical for organisations to proactively address both. We're excited to work with CSA in advancing this mission."

Yair Kuznitsov, CEO and Co-Founder of Anecdotes, explained, "Enterprises today face increasingly complex GRC environments, and the need for scalable, automated solutions has never been greater. At Anecdotes, we're proud to be an ambassador for the Compliance Automation Revolution initiative, championing innovation that will help organisations navigate these challenges with greater ease and efficiency. This initiative tackles an unsolved problem, and we anticipate every enterprise will benefit from the groundbreaking work coming out of it."

Adam Shnider, Executive Vice President for Compliance Services at Coalfire, stated, "Security and compliance should be less of a burden — they should be a business enabler. The Compliance Automation Revolution provides the framework and collaboration needed to streamline compliance efforts, reduce risk exposure, and ensure organisations stay ahead of emerging threats."

Fabio Battelli, Senior Partner at Deloitte Central Mediterranean for Cyber Security Services, said, "By joining the Compliance Automation Revolution, we reaffirm our commitment to proactive security and compliance excellence. In an era of growing regulatory complexity, automation is key to reducing operational risk and streamlining compliance efforts. CAR represents a significant step forward in enabling organisations to shift resources from manual compliance tasks to innovation and business growth."

Prashant Vadlamudi, Senior Vice President, Product Security at Salesforce, added, "The regulatory landscape is shifting fast — and so are emerging threats. Static, check-the-box compliance models are no longer sufficient to keep pace. At Salesforce, we see compliance as a trust enabler, not a roadblock. That's why we're proud to join the Compliance Automation Revolution and partner with CSA to drive scalable, proactive solutions, leveraging the power of AI, that help organisations meet rising expectations with confidence."

Avani Desai, Chief Executive Officer of Schellman, commented, "In today's environment of mounting regulatory demands and rapidly evolving cyber threats, the Compliance Automation Revolution isn't just timely, it's essential. It's about transforming how organisations approach compliance, turning a traditionally reactive process into a proactive strategy for resilience. By embracing automation and collaboration, we can drive smarter decisions, reduce risk, and build a stronger, more secure future."

Jadee Hanson, Chief Information Security Officer at Vanta, said, "As regulations grow more complex and the threat landscape evolves, companies need automation not just to keep up, but to get ahead. The Compliance Automation Revolution is an important industry movement, and Vanta is proud to join this effort to push the industry toward smarter, more scalable ways of working. Together, we can simplify compliance, strengthen security programmes, and free up teams to focus on what matters most."

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X
Related stories
Global study reveals public trust is lagging growing AI adoption
Spirent automates Wi-Fi device testing with Octobox suite
CrowdStrike launches unified data protection for AI & cloud
Rapid7 unveils upgraded platform with $1M breach cover
Indonesia hosts inaugural AI Day to drive mining innovation
Top stories
Palo Alto Networks unveils Cortex XSIAM 3.0 with AI upgrades
Forrester warns of deepfakes & AI extortion in 2025 threats
Palo Alto Networks unveils Prisma SASE browser for AI security
Palo Alto Networks launches Prisma AIRS to secure enterprise AI
Palo Alto Networks to acquire Protect AI to boost AI security