It is essential to obtain as much information as possible regarding a vendor’s maturity and understanding of the processes and tools that keep CPaaS. It is a best practice to check on the maturity of these vendor-specific certifications, as some companies go through a process of self-certification that doesn’t necessarily ensure the level of security your organization needs. Like everything that’s connected to the cloud, Communications Platform-as-a-Service (CPaaS) solutions are vulnerable to hacking.
Source: https://www.helpnetsecurity.com/2021/05/31/cpaas-technology-stack/