Aligning to the NIST Cybersecurity Framework in the AWS Cloud - SEC204 - Chicago AWS Summit

The NIST Cybersecurity Framework (CSF) is endorsed by government and industry as a recommended baseline for use by any organization, regardless of sector or size, to implement risk-management best practices and achieve desired security outcomes. In this session, we discuss how organizations can use AWS to align to the CSF by providing a detailed breakout of AWS services and associated customer responsibilities (security in the cloud) and AWS responsibilities (security of the cloud).

Aligning to the NIST Cybersecurity Framework in the AWS Cloud - SEC204 - Chicago AWS Summit

  1. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. SUMMIT
     Aligning to the NIST Cybersecurity Framework in the AWS cloud
     Tim Anderson, Sr. technical industry specialist, AWS Security
     SEC204
  2. Agenda
     • What is the NIST Cybersecurity Framework (CSF)?
     • Why use the NIST CSF?
     • AWS responsibilities: AWS alignment with the NIST CSF
     • Customer responsibilities: Use of AWS services to align to the NIST CSF
  3. What is the NIST CSF?
  4. What is the NIST Cybersecurity Framework?
     • A voluntary framework composed of best practices to help organizations of any size and in any sector improve the cybersecurity, risk management, and resilience of their systems
     • Common taxonomy to align an organization’s business drivers and security considerations specific to its use of technology
     • Uses existing standards to scale across borders, evolve with technological advances and business requirements, and provide economies of scale
     • Originally intended for critical infrastructure, but applicable across all organization types
  5. Why was the NIST CSF created?
     In February 2014, the National Institute of Standards and Technology (NIST) published the “Framework for Improving Critical Infrastructure Cybersecurity” (or CSF), a voluntary framework to help organizations of any size and sector improve the cybersecurity, risk management, and resilience of their systems. Originally intended for critical infrastructure, but with broader applicability across all organization types.
     • Executive Order: Presidential Executive Order 13636, “Improving Critical Infrastructure Cybersecurity,” charges NIST in Feb. 2013
     • Legislation: The Cybersecurity Enhancement Act of 2014 reinforced the legitimacy and authority of the CSF by codifying its development and voluntary adoption into law
     • Executive Order: Presidential EO 13800, “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure,” mandates the use of the CSF for all federal IT
  6. What is considered critical infrastructure?
     16 critical infrastructure sectors whose assets, systems, and networks, whether physical or virtual, are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.
     1. Chemical
     2. Commercial Facilities
     3. Communications
     4. Critical Manufacturing
     5. Dams
     6. Defense Industrial Base
     7. Emergency Services
     8. Energy
     9. Financial Services
     10. Food and Agriculture
     11. Government Facilities
     12. Healthcare and Public Health
     13. Information Technology
     14. Nuclear Reactors, Materials, and Waste
     15. Transportation Systems
     16. Water and Wastewater Systems
  7. What is the NIST Cybersecurity Framework?
     The CSF offers a simple yet effective, risk-based, outcome-focused framework consisting of three elements—Core, Tiers, and Profiles.
     • Core—represents a set of cybersecurity practices, outcomes, and technical, operational, and managerial security controls (referred to as Informative References) that support the five risk management functions: Identify, Protect, Detect, Respond, Recover
     • Tiers—characterize an organization’s aptitude for managing cybersecurity risk: Tier 1 - Partial, Tier 2 - Risk Informed, Tier 3 - Repeatable, Tier 4 - Adaptive
     • Profiles—intended to convey the organization’s “as is” (Current) and “desired” (Target) risk posture
     These three elements enable organizations to prioritize and address cybersecurity risks consistent with their business and mission needs.
  8. NIST CSF | Core: 23 Categories; Subcategories (108 outcome-based security activities)
     • Identify: Asset Management; Business Environment; Governance; Risk Assessment; Risk Management Strategy; Supply Chain Risk Management
     • Protect: Access Control; Awareness and Training; Data Security; Information Protection Processes and Procedures; Maintenance; Protective Technology
     • Detect: Anomalies and Events; Security Continuous Monitoring; Detection Processes
     • Respond: Response Planning; Communications; Analysis; Mitigation; Improvements
     • Recover: Recovery Planning; Improvements; Communications
  9. NIST CSF | Core
     • Function—overarching organization of cybersecurity life cycle management
     • Category—desired security outcome
     • Subcategory—risk-based security activity (i.e., controls)
     • Informative references—standards mapping
  10. NIST CSF | Core
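The Core hierarchy and the Profiles on the previous slides are most useful when turned into a Current-versus-Target gap list. The following is an added example, not code from the deck or from AWS: it scores a constructed profile of CSF v1.1 subcategories (the identifiers are real, the tier values are invented for one hypothetical organization) against the four Tiers named on slide 7, validates the input, and rolls the outstanding tier steps up per Function.

```python
"""Added example (not from the AWS deck): a Current-vs-Target Profile gap
analysis over CSF Core subcategories, using the four Tiers named on the
slide (1 Partial, 2 Risk Informed, 3 Repeatable, 4 Adaptive).
Subcategory ids are real CSF v1.1 identifiers; the tier values are
constructed sample data for a hypothetical organization."""
from dataclasses import dataclass

TIER_NAMES = {1: "Partial", 2: "Risk Informed", 3: "Repeatable", 4: "Adaptive"}
FUNCTIONS = {"ID": "Identify", "PR": "Protect", "DE": "Detect",
             "RS": "Respond", "RC": "Recover"}

# Constructed sample profile: subcategory -> (current tier, target tier).
SAMPLE_PROFILE = {
    "ID.AM-1": (2, 3),  # physical devices and systems are inventoried
    "ID.AM-2": (1, 3),  # software platforms and applications are inventoried
    "PR.AC-1": (3, 3),  # identities and credentials are managed
    "PR.AC-7": (1, 4),  # authentication commensurate with transaction risk
    "DE.CM-1": (2, 4),  # the network is monitored for potential events
    "RS.MI-1": (2, 3),  # incidents are contained
    "RC.RP-1": (1, 2),  # recovery plan executed during or after an incident
}


@dataclass(frozen=True)
class Gap:
    subcategory: str
    function: str
    current: int
    target: int

    @property
    def delta(self) -> int:
        return self.target - self.current


def validate_profile(profile):
    """Reject malformed input before it drives a prioritisation decision."""
    for sub, (cur, tgt) in profile.items():
        prefix = sub.split(".", 1)[0]
        if prefix not in FUNCTIONS:
            raise ValueError(f"{sub}: unknown function prefix {prefix!r}")
        for tier in (cur, tgt):
            if tier not in TIER_NAMES:
                raise ValueError(f"{sub}: tier {tier} is not in 1..4")
        if cur > tgt:
            raise ValueError(f"{sub}: target tier {tgt} is below current tier {cur}")


def gap_report(profile, include_met=False):
    """Gaps sorted largest first, then by subcategory id; outcomes already
    at target are dropped unless include_met is set."""
    validate_profile(profile)
    gaps = [Gap(sub, FUNCTIONS[sub.split(".", 1)[0]], cur, tgt)
            for sub, (cur, tgt) in profile.items()]
    if not include_met:
        gaps = [g for g in gaps if g.delta > 0]
    return sorted(gaps, key=lambda g: (-g.delta, g.subcategory))


def gaps_by_function(profile):
    """Total tier steps outstanding per Function: which of Identify/Protect/
    Detect/Respond/Recover needs the most work."""
    totals = {name: 0 for name in FUNCTIONS.values()}
    for g in gap_report(profile, include_met=True):
        totals[g.function] += g.delta
    return totals


def format_report(profile):
    lines = []
    for g in gap_report(profile):
        lines.append(f"{g.subcategory:<8} {g.function:<8} "
                     f"{TIER_NAMES[g.current]:>13} -> {TIER_NAMES[g.target]:<13} (+{g.delta})")
    return "\n".join(lines)


if __name__ == "__main__":
    print(format_report(SAMPLE_PROFILE))
    print(gaps_by_function(SAMPLE_PROFILE))
```

The validation step matters in practice: a target below the current tier or an unknown function prefix usually means a spreadsheet error, and it is better to fail loudly than to silently rank the wrong subcategory first.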
  11. Why use the NIST Cybersecurity Framework?
     • Common taxonomy around risk management
     • No cost
     • Risk-based, outcome-focused
     • Leverages existing accreditations, standards, and controls
     • Flexible and adaptive
     • Relevant to techs and execs
     • Sector agnostic (adopters shown: Health Care, Commercial Sector, Federal Agencies, States, Financial Services, Italy, Japan, Israel, Uruguay)
  12. Why use the NIST Cybersecurity Framework?
     According to Gartner, the CSF is used by approximately 30 percent of U.S. private sector organizations and projected to reach 50 percent by 2020. As of the release of this report, all 16 U.S. critical infrastructure sectors use the CSF and over 20 states have implemented it.
     Since fiscal year 2016, U.S. federal agency Federal Information Security Modernization Act (FISMA) metrics have been organized around the CSF and now reference it as a “standard for managing and reducing cybersecurity risks.”
     Over 20 states have implemented the CSF, and it has been supported by the NGA/NASCIO.
  13. Internationalization of the NIST CSF
     • ISO/IEC 27103:2018—Cybersecurity and ISO and IEC Standards (Feb. 2018), FINAL
       - Technical report on implementing a cybersecurity framework leveraging existing standards
       - Promotes the same concepts and best practices reflected in the NIST CSF
     • ISO 27101—Cybersecurity framework development guidelines, DRAFT
       - Concepts include five functions (Identify, Protect, Detect, Respond, Recover) and foundational activities that crosswalk to existing standards, accreditations and frameworks
  14. Aligning to the NIST CSF in the AWS cloud
     AWS accomplishes two objectives with the whitepaper:
     • Security of the cloud—Provides a third-party attestation that AWS infrastructure and services conform to NIST CSF risk-management practices, assuring customers that their data is protected across AWS.
     • Security in the cloud—Maps the NIST CSF to AWS cloud offerings that customers can use to align to the NIST CSF.
     We provide a detailed breakout of AWS services and associated customer and AWS responsibilities to facilitate alignment to the NIST CSF.
  15. AWS services alignment with the CSF
     • As validated by our third-party assessor, the services that maintain an accreditation under FedRAMP Moderate and/or ISO 27001/27101/27017 align with the CSF.
       ✓ Validated the NIST CSF Citations mapping to NIST SP 800-53 security control requirements
       ✓ Reviewed the AWS services that have undergone the FedRAMP Moderate and ISO 9001/27001/27017/27018 accreditations that meet the citation or control requirement
       ✓ During the service validation, identified additional citations that may have available scoped services that meet the requirement
       ✓ All services recommended for inclusion were validated as in scope to the AWS FedRAMP Moderate and ISO attestations—marked with *italics in workbook
     When deploying AWS solutions, organizations can have the assurance that AWS services uphold risk management best practices defined in the CSF and can leverage these solutions for their own alignment to the CSF.
  16. Aligning to the NIST CSF in the AWS cloud
     How to use the whitepaper:
     1. Executive level
        • Summary of AWS and customer responsibilities to align to each of the five functions in the CSF (Identify, Protect, Detect, Respond, Recover)
        • Third-party attestation
     2. Technical level
        • Detailed mapping of AWS services and resources (beyond FedRAMP and ISO 27001)
        • Customer responsibilities
        • AWS responsibilities
  18. NIST CSF | Identify
     Categories: Asset Management (ID.AM); Business Environment (ID.BE); Governance (ID.GV); Risk Assessment (ID.RA); Risk Management Strategy (ID.RM); Supply Chain Risk Management (ID.SC)
     Diagram labels: Inventory; Event (event-based); Lambda Function; Event (event-based); Lambda Function; Enterprise Agreement
  19. NIST CSF | Protect
     Categories: Identity Management, Authentication, and Access Control (PR.AC); Awareness and Training (PR.AT); Data Security (PR.DS); Information Protection Processes and Procedures (PR.IP); Maintenance (PR.MA); Protective Technology (PR.PT)
     Diagram labels: AWS Security Token Service (AWS STS); MFA token; Role; Permissions
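The Protect slide's diagram (AWS STS, MFA token, Role, Permissions) describes MFA-gated role assumption. One check a practitioner wants under PR.AC is whether a role's trust policy actually requires MFA. The following is an added example, not code from the deck or from AWS: the trust policies and account id are constructed, and it treats only the strict `Bool` form of `aws:MultiFactorAuthPresent` as sufficient, because the `BoolIfExists` form matches when the key is absent, which is the case for requests signed with long-term access keys.

```python
"""Added example (not from the AWS deck): check an IAM role trust policy for
the MFA condition on sts:AssumeRole and emit a hardened copy. The policies
and the account id are constructed sample data."""
import copy
import json

MFA_KEY = "aws:MultiFactorAuthPresent"

# Constructed: lets any principal in the account assume the role, no MFA required.
WEAK_TRUST_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
        "Action": "sts:AssumeRole",
    }],
}

# Constructed: looks MFA-gated, but BoolIfExists evaluates true when the key is
# absent, and the key is absent for requests signed with long-term access keys.
LOOKS_HARDENED_BUT_IS_NOT = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::111122223333:root"},
        "Action": ["sts:AssumeRole"],
        "Condition": {"BoolIfExists": {MFA_KEY: "true"}},
    }],
}


def _as_list(value):
    # IAM accepts a single string or a list for Statement and Action.
    return value if isinstance(value, list) else [value]


def _grants_assume_role(statement):
    if statement.get("Effect") != "Allow":
        return False
    return any(a.lower() in ("*", "sts:*", "sts:assumerole")
               for a in _as_list(statement.get("Action", [])))


def statement_requires_mfa(statement):
    """Only the strict form counts: Condition.Bool.aws:MultiFactorAuthPresent == true."""
    value = statement.get("Condition", {}).get("Bool", {}).get(MFA_KEY)
    return str(value).lower() == "true"


def policy_requires_mfa(policy):
    """True when every Allow statement that grants sts:AssumeRole is MFA-gated."""
    return all(statement_requires_mfa(s)
               for s in _as_list(policy.get("Statement", [])) if _grants_assume_role(s))


def harden(policy):
    """Deep copy with the strict MFA condition on every AssumeRole grant; the
    weaker BoolIfExists entry for the same key is dropped so the two cannot conflict."""
    fixed = copy.deepcopy(policy)
    for s in _as_list(fixed.get("Statement", [])):
        if not _grants_assume_role(s) or statement_requires_mfa(s):
            continue
        cond = s.setdefault("Condition", {})
        cond.setdefault("Bool", {})[MFA_KEY] = "true"
        if_exists = cond.get("BoolIfExists", {})
        if_exists.pop(MFA_KEY, None)
        if "BoolIfExists" in cond and not if_exists:
            del cond["BoolIfExists"]
    return fixed


if __name__ == "__main__":
    for name, pol in (("weak", WEAK_TRUST_POLICY), ("boolifexists", LOOKS_HARDENED_BUT_IS_NOT)):
        print(name, "requires MFA:", policy_requires_mfa(pol))
    print(json.dumps(harden(WEAK_TRUST_POLICY), indent=2))
```

`harden` never mutates its input, so the original policy document can be diffed against the returned one before it is applied.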
  20. Protect in AWS Architecture
     Diagram labels: AWS Cloud; AWS Region; VPC; Availability Zone A; Availability Zone B; Public Subnet (×2); App Subnet (×2); DB Subnet (×2); Auto Scaling group (×2); Web Servers; App Servers; DB Primary; DB Secondary
  21. NIST CSF | Detect
     Categories: Anomalies and Events (DE.AE); Security Continuous Monitoring (DE.CM); Detection Processes (DE.DP)
     Diagram labels: Flow logs; Lambda Function; Event (event-based)
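The Detect slide's diagram (Flow logs feeding an event-based Lambda) is the shape of a DE.AE/DE.CM control. The following is an added example, not code from the deck or from AWS: it parses records in the default VPC Flow Log field order (version 2), skips NODATA records, and flags a source whose rejected flows sweep many destination ports on one interface. The log lines, account id and ENI id are constructed; the threshold is an assumption.

```python
"""Added example (not from the AWS deck): parse VPC Flow Log records and flag
sources whose REJECTed flows sweep many destination ports, the kind of
Anomalies and Events / Continuous Monitoring check an event-based Lambda can
run over a batch of log lines. Uses the default (version 2) flow-log field
order; the sample lines, account id and ENI id are constructed."""
from collections import defaultdict
from dataclasses import dataclass
from typing import Optional

# Field order of the default VPC Flow Log record format (version 2).
FIELDS = ("version", "account_id", "interface_id", "srcaddr", "dstaddr",
          "srcport", "dstport", "protocol", "packets", "bytes",
          "start", "end", "action", "log_status")


@dataclass(frozen=True)
class FlowRecord:
    interface_id: str
    srcaddr: str
    dstaddr: str
    srcport: int
    dstport: int
    protocol: int
    packets: int
    byte_count: int
    start: int
    end: int
    action: str  # ACCEPT or REJECT


def parse_line(line: str) -> Optional[FlowRecord]:
    """One record, or None for NODATA/SKIPDATA lines, whose address and port
    fields are '-' and carry nothing to analyse."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        raise ValueError(f"expected {len(FIELDS)} fields, got {len(parts)}: {line!r}")
    rec = dict(zip(FIELDS, parts))
    if rec["log_status"] != "OK":
        return None
    return FlowRecord(
        interface_id=rec["interface_id"], srcaddr=rec["srcaddr"], dstaddr=rec["dstaddr"],
        srcport=int(rec["srcport"]), dstport=int(rec["dstport"]), protocol=int(rec["protocol"]),
        packets=int(rec["packets"]), byte_count=int(rec["bytes"]),
        start=int(rec["start"]), end=int(rec["end"]), action=rec["action"],
    )


def parse_lines(lines):
    parsed = (parse_line(line) for line in lines if line.strip())
    return [r for r in parsed if r is not None]


def rejected_port_sweeps(records, min_distinct_ports=5):
    """Sources whose REJECTed flows hit at least min_distinct_ports distinct
    destination ports on one interface; returns [(srcaddr, interface_id, n_ports)]."""
    ports = defaultdict(set)
    for r in records:
        if r.action == "REJECT":
            ports[(r.srcaddr, r.interface_id)].add(r.dstport)
    hits = [(src, eni, len(p)) for (src, eni), p in ports.items()
            if len(p) >= min_distinct_ports]
    return sorted(hits, key=lambda h: (-h[2], h[0]))


def build_finding(lines, min_distinct_ports=5):
    """Shape the result as the payload an event-based Lambda would hand to the
    next integrated service."""
    records = parse_lines(lines)
    return {
        "records_analysed": len(records),
        "rejected_records": sum(1 for r in records if r.action == "REJECT"),
        "port_sweeps": [{"srcaddr": s, "interface_id": e, "distinct_ports": n}
                        for s, e, n in rejected_port_sweeps(records, min_distinct_ports)],
    }


# Constructed sample: one external source rejected on six ports, one rejected
# once, two accepted flows and one NODATA record.
SAMPLE_LOG = """\
2 123456789012 eni-0a1b2c3d4e5f6a7b8 198.51.100.7 10.0.1.25 40123 22 6 1 44 1560000000 1560000060 REJECT OK
2 123456789012 eni-0a1b2c3d4e5f6a7b8 198.51.100.7 10.0.1.25 40124 23 6 1 44 1560000000 1560000060 REJECT OK
2 123456789012 eni-0a1b2c3d4e5f6a7b8 198.51.100.7 10.0.1.25 40125 445 6 1 44 1560000000 1560000060 REJECT OK
2 123456789012 eni-0a1b2c3d4e5f6a7b8 198.51.100.7 10.0.1.25 40126 3389 6 1 44 1560000000 1560000060 REJECT OK
2 123456789012 eni-0a1b2c3d4e5f6a7b8 198.51.100.7 10.0.1.25 40127 8080 6 1 44 1560000000 1560000060 REJECT OK
2 123456789012 eni-0a1b2c3d4e5f6a7b8 198.51.100.7 10.0.1.25 40128 3306 6 1 44 1560000000 1560000060 REJECT OK
2 123456789012 eni-0a1b2c3d4e5f6a7b8 203.0.113.9 10.0.1.25 50231 22 6 1 44 1560000000 1560000060 REJECT OK
2 123456789012 eni-0a1b2c3d4e5f6a7b8 10.0.2.14 10.0.1.25 51000 443 6 20 4000 1560000000 1560000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d4e5f6a7b8 203.0.113.25 10.0.1.25 50432 443 6 12 2400 1560000000 1560000060 ACCEPT OK
2 123456789012 eni-0a1b2c3d4e5f6a7b8 - - - - - - - 1560000000 1560000060 - NODATA
"""

if __name__ == "__main__":
    import json
    print(json.dumps(build_finding(SAMPLE_LOG.splitlines()), indent=2))
```

Keying the port set on (source, interface) rather than source alone keeps a shared NAT address that legitimately reaches many services on different interfaces from tripping the rule; the threshold and window are the tunables a team would revisit after reviewing a week of findings.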
  22. NIST CSF | Respond
     Categories: Response Planning (RS.RP); Communications (RS.CO); Analysis (RS.AN); Mitigation (RS.MI); Improvements (RS.IM)
     Organizational response activities are improved by incorporating lessons learned from current and previous detection/response activities. AWS service configurations and security automation are updated/improved.
     Diagram labels: Filtering rule; ACL; Subnet; Rule
  23. Automate with integrated services
     Diagram labels: Event (event-based); Lambda Function; Filtering rule; Other AWS & Partner Services
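Slides 22 and 23 sketch the response path: an event drives a Lambda function that updates a filtering rule on a network ACL. The following is an added example, not code from the deck or from AWS, of that Mitigation (RS.MI) step with the safety checks a team would want before letting automation edit network rules: the finding shape, the NACL id, the reserved rule-number range and the protected ranges are assumptions for the example; `describe_network_acls` and `create_network_acl_entry` are real boto3 EC2 client methods, called here through an injected client so the code runs offline against a constructed ACL.

```python
"""Added example (not from the AWS deck): an event-driven containment step for
the Respond function (RS.MI, Mitigation). On a finding naming an external source
address, add an ingress deny entry to a VPC network ACL. The finding shape,
NACL id, rule-number range and protected ranges are assumptions made for the
example; describe_network_acls and create_network_acl_entry are real boto3 EC2
client methods, called through an injected client so the code runs offline."""
import ipaddress

# NACL rules are evaluated lowest number first, so deny entries in this range
# win over the usual allow rule at 100 (assumed convention for the example).
AUTO_DENY_RULES = range(1, 100)

# Automation must never be able to cut the VPC off from itself or its peers:
# refuse internal, loopback and link-local ranges (constructed list).
PROTECTED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]


def validate_source(ip: str) -> str:
    """Turn a reported address into a /32 CIDR, rejecting anything that must not be blocked."""
    addr = ipaddress.ip_address(ip)
    if addr.version != 4:
        raise ValueError(f"{ip}: only IPv4 sources are handled in this example")
    if any(addr in net for net in PROTECTED_NETWORKS):
        raise ValueError(f"{ip}: refusing to block a protected internal range")
    return f"{addr}/32"


def ingress_entries(ec2, nacl_id):
    resp = ec2.describe_network_acls(NetworkAclIds=[nacl_id])
    return [e for e in resp["NetworkAcls"][0]["Entries"] if not e["Egress"]]


def next_free_rule_number(entries):
    used = {e["RuleNumber"] for e in entries}
    for n in AUTO_DENY_RULES:
        if n not in used:
            return n
    raise RuntimeError("automated deny range exhausted; prune stale entries first")


def block_source(event, ec2, nacl_id):
    """Idempotent: a source already denied is reported, not added a second time."""
    cidr = validate_source(event["detail"]["source_ip"])
    entries = ingress_entries(ec2, nacl_id)
    for e in entries:
        if e.get("CidrBlock") == cidr and e["RuleAction"] == "deny":
            return {"status": "already_blocked", "cidr": cidr, "rule_number": e["RuleNumber"]}
    rule = next_free_rule_number(entries)
    ec2.create_network_acl_entry(NetworkAclId=nacl_id, RuleNumber=rule, Protocol="-1",
                                 RuleAction="deny", Egress=False, CidrBlock=cidr)
    return {"status": "blocked", "cidr": cidr, "rule_number": rule}


def lambda_handler(event, context):
    """Real entry point: same logic with a live client (boto3 imported only here)."""
    import boto3
    return block_source(event, boto3.client("ec2"), event["detail"]["nacl_id"])


class FakeEc2:
    """Offline stand-in that answers like the EC2 API and records the calls made."""
    def __init__(self, entries):
        self.entries = list(entries)
        self.calls = []

    def describe_network_acls(self, NetworkAclIds):
        return {"NetworkAcls": [{"NetworkAclId": NetworkAclIds[0], "Entries": self.entries}]}

    def create_network_acl_entry(self, **kwargs):
        self.calls.append(kwargs)
        self.entries.append({"RuleNumber": kwargs["RuleNumber"], "Egress": kwargs["Egress"],
                             "CidrBlock": kwargs["CidrBlock"], "RuleAction": kwargs["RuleAction"],
                             "Protocol": kwargs["Protocol"]})


def sample_acl():
    """Constructed NACL state: one earlier automated deny, the usual allow, the catch-all deny."""
    return FakeEc2([
        {"RuleNumber": 1, "Egress": False, "CidrBlock": "203.0.113.9/32", "RuleAction": "deny", "Protocol": "-1"},
        {"RuleNumber": 100, "Egress": False, "CidrBlock": "0.0.0.0/0", "RuleAction": "allow", "Protocol": "-1"},
        {"RuleNumber": 32767, "Egress": False, "CidrBlock": "0.0.0.0/0", "RuleAction": "deny", "Protocol": "-1"},
        {"RuleNumber": 100, "Egress": True, "CidrBlock": "0.0.0.0/0", "RuleAction": "allow", "Protocol": "-1"},
    ])


# Constructed finding (documentation address); a real one would be produced by
# the detection side of the pipeline.
SAMPLE_EVENT = {"detail": {"source_ip": "198.51.100.7", "nacl_id": "acl-0123456789abcdef0"}}

if __name__ == "__main__":
    ec2 = sample_acl()
    print(block_source(SAMPLE_EVENT, ec2, SAMPLE_EVENT["detail"]["nacl_id"]))
    print(block_source(SAMPLE_EVENT, ec2, SAMPLE_EVENT["detail"]["nacl_id"]))
```

The bounded rule-number range is deliberate: a NACL holds a limited number of entries, so automation that adds rules must also have a plan for expiring them, which is the "improvements" loop the Respond slide describes.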
  24. NIST CSF | Recover
     Categories: Recovery Planning (RC.RP); Improvements (RC.IM); Communications (RC.CO)
     Organizational recovery activities are improved by incorporating lessons learned from current and previous detection/response activities. AWS service configurations and security automation are updated/improved.
  25. Thank you!
     Tim Anderson, Sr. technical industry specialist, AWS Security
     tdander@amazon.com