Major tech firms launch Security First Initiative to combat third-party data breaches

On the heels of one of the worst years for third-party security incidents in history, top technology firms are joining together to address the increased importance of transparency between vendors and their customers by forming the Security First Initiative.

Security First Initiative

The group pledges to put security first by sharing their security information proactively with their customers using a Whistic Profile and invites all companies to do the same.

Founding members of the Security First initiative, including Okta, Airbnb, Zendesk, Asana, Atlassian, Snap, Notion, TripActions, G2, and Whistic, have all adopted the Whistic Profile as the industry standard for assessing, publishing and sharing security information. Today over 40,000 Profiles are available on-demand in the Whistic Vendor Security Network and every month thousands of buyers accept a Whistic Profile in lieu of requesting a questionnaire to satisfy their vendor assessment requirements. This increasingly popular vendor security strategy drives increased trust and transparency, while automating the reactive, manual processes used previously.

“The future of vendor security must be built on a foundation of collaboration,” said Nick Sorensen, CEO of Whistic. “That’s why we’re excited to unite with a coalition of some of the world’s leading technology companies to create a new expectation where security comes first. This dual-sided, network approach to vendor security is the only way to meet the needs of both buyers and sellers in the ecosystem. It’s also the most efficient way to make transparency the expectation in vendor security, and when that happens, everybody wins.”

To help companies meet this new Security First expectation Whistic is offering vendors access to a free version of Whistic Profile, which includes the ability for vendors to proactively share their security information with their customers, eliminating the need to repeatedly fill out questionnaires.

“Okta supports the Security First Initiative and the recently released MVSP security baseline, both of which demonstrate the importance of working together to improve security for all our mutual customers. Okta has added MVSP to our Whistic Profile and we look forward to seeing more service providers adopt this baseline in their profiles.” said Gen Buckley, Senior Manager, Customer Assurance at Okta.

“Just like Asana believes collaboration and transparency between internal teams is mission critical, we also believe it’s mission critical to establish transparent and trusted relationships with our customers and third-party vendors. That’s why we’re excited to join with so many leading companies and see the industry collectively embrace the Security First Initiative,” said Sean Cassidy, Head of Security at Asana.

“Trust and transparency are key to doing business and we take customer trust very seriously. We proactively share our security documentation through our Whistic Profile in a secure manner, and we’re excited to start seeing more and more of our vendors with Whistic Profiles ready to share with us before we ask” said Prabhath Karanth, Head of Security Assurance and Compliance at TripActions.

“In our 2021 Buyer Behavior Report, G2 found that security is now the #1 consideration for buyers in the purchasing process. G2 is not only committed to trust and transparency as a company, but we see it as core to every business relationship in the future,” said Godard Abel, CEO of G2, the leading reviews marketplace.

Don't miss