The NIST Cybersecurity Framework (CSF) has been endorsed by government and industry as a recommended baseline for use by any organization, regardless of sector or size, to implement risk management best practices and achieve desired security outcomes. In this chalk talk, we discuss how organizations can use AWS to align to the CSF by providing a detailed breakout of AWS services and associated customer responsibilities (security in the cloud) and AWS responsibilities (security of the cloud).