From the buy side prospective, as someone that sits on a vendor review board, if there are two vendor options for a service, and one has SOC2 and the other doesn't, we'll lean heavily toward the SOC2 vendor. If you're the vendor, this can help your ASP.
I've personally gone through certifying a company as SOC2 and it makes you realize how much you want your vendors to have SOC2 controls.
I've personally gone through certifying a company as SOC2 and it makes you realize how much you want your vendors to have SOC2 controls.