Tag: security

Continuous Diagnostics and Mitigation (CDM) is an important part of the federal government’s cybersecurity strategy, and it’s getting a boost in visibility since the House passed the Advancing Cybersecurity Diagnostics and Mitigation Act (H.R. 6443). Among other things, this Act directs the U.S. Department of Homeland Security (DHS) to develop and provide the capability to collect, analyze, and visualize government-wide information relating to security data and cybersecurity risks and to make these program capabilities available for use by any federal agency.

Over the years, many organizations’ on-premises IT infrastructure has been compromised. Often times, organizations are left defending infrastructure, data, and people without understanding who is attacking them and why. But the sliver lining is that attackers often use the same tactics to try to initially compromise their targets. Knowing the ways that attackers try to get a foothold in your environment can help you defend it better.

Over the years, I have talked to thousands of customers about security and compliance topics. Many of these conversations revolved around specific security controls customers were interested in, or assurances about how specific cloud services are managed, or whether a cloud service complies with a specific regulation. Chief Information Security Officers (CISOs) and Chief Information Officers (CIOs) tend to be focused on maximizing control and visibility – and for good reasons. But with the focus on security controls and compliance requirements, one important topic rarely gets discussed: innovation. Overlooking the value of innovation to an organization, and the value of the pace of innovation, can be a serious ROI miscalculation.

Choice and self-determination are cornerstones of our nation’s democratic process. Come election night, we might not all root for the same candidates, but there’s one point we can all rally around – the need for modernization and the role of the cloud in powering U.S. elections.

One of the hottest security and compliance related topics that customers want to discuss is the General Data Protection Regulation (GDPR). On May 25, 2018, GDPR came into force. This new regulation raises the minimum bar where personal data protection is concerned.

AWS has developed the Well-Architected Framework to help customers architect their mission-critical applications on AWS with secure, high-performing, resilient and efficient infrastructure. Well Architected can help you build and deploy faster, lower or mitigate risks, make informed decisions, and learn AWS best practices.

In November, with the launch of the AWS Secret Region, we achieved a Provisional Authorization (PA) for Impact Level 6 (IL6) workloads from the U.S. Defense Information Systems Agency (DISA), the IT combat support organization of the U.S. Department of Defense (DoD). The PA was recently updated to add 11 new AWS services. A service catalog for the Region is available through your AWS Account Executive.

AWS announced that Amazon Internet Services Private Limited (AISPL), an Indian subsidiary of the Amazon Group, which undertakes the resale and marketing of AWS Cloud services in India, has achieved full Cloud Service Provider (CSP) empanelment, and successfully completed the STQC (Standardization Testing and Quality Certification) audit from the Indian Ministry of Electronics and Information Technology (MeitY) for cloud services delivered from the AWS Asia Pacific (Mumbai) Region.

A guest post by John Brady, CISSP, VP Cyber Security/CISO, Financial Industry Regulatory Authority The Financial Industry Regulatory Authority (FINRA) oversees more than 3,900 securities firms with approximately 640,000 brokers. Every day, we watch over nearly 6 billion shares traded in U.S. equities markets—using technology powerful enough to help detect fraud, abuse and insider trading. In […]

A guest post by John Brady, CISSP, VP Cyber Security/CISO, Financial Industry Regulatory Authority The Financial Industry Regulatory Authority (FINRA) oversees more than 3,900 securities firms with approximately 640,000 brokers. Every day, we watch over nearly 6 billion shares traded in U.S. equities markets—using technology powerful enough to help detect fraud, abuse, and insider trading. In […]