Not only MSPs: All cloudy firms are in line for UK security law crackdown – TheRegister

This snippet caught my attention. With my DPO hat on I’ve found it very difficult to get beyond the high-level, bland statements that are issued by the likes of AWS, GCP…

[…] Many respondents argued, for example, that they cannot make fully informed procurement decisions because it is increasingly difficult to obtain the necessary cyber security assurance from providers who are reluctant to provide information on their cyber security measures or standards they adhere to. This poses a number of business and operational challenges for customers who ultimately bear the risk of cyber security incidents.

[…]

Original article