© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
COMES TO LONDON
Cybersecurity Strategies
Tim Rains
EMEA Regional Leader Security & Compliance
Worldwide Public Sector
Amazon Web Services
Ingredients for a Successful Cybersecurity Strategy
• Business objective alignment
• Senior executive and Board support
• Cybersecurity Vision, Mission, Imperatives shared with stakeholders
• High value assets (Crown Jewels) are defined, executive buy-in
• Principles to help govern risk appetite and approach, executive buy-in
• Realistic view of current cybersecurity capabilities and technical talent
• Compliance program and control framework alignment
• Effective relationship with IT
• Security culture where everyone participates, executives evangelize
Critical Ingredient: How Initial Compromise Happens
1. Unpatched vulnerabilities
2. Security misconfigurations
3. Weak, leaked, stolen passwords
4. Social engineering
5. Insider threat
Preventing, detecting and responding to initial compromise minimizes damage and costs to the organization
Critical Ingredient: Underlying Assumptions
• Assume breach: the organization will be compromised
• Gives CISO permission to invest in protection, detection, and response capabilities
• Investing only in protection capabilities enables attackers to:
• Persist indefinitely after initial compromise
• More easily attack the organization’s partners and customers
• Maximize their ROI and damage to the organization, its partners and customers
• The C-suite has a “shared destiny” with the CISO
• The CISO’s success/failure impacts organization’s global brand in a unique way
Popular Cybersecurity Strategies
Protect & Recover Strategy
• Underlying assumption: the organization has adequate protection, so it doesn’t need to invest in detection and response capabilities
• Focus: protection and recovery processes and technology
• Characterized by: investments primarily in perimeter and network protection, backup and recovery
Protect & Recover Strategy Performance Report Card
Unpatched vulnerabilities:
• Potentially gives more time to patch
• Users bring exploits through defenses
Security misconfigurations:
• Can make it harder to find and exploit
• Users bring exploits through defenses
Weak, leaked, stolen passwords:
• Does not mitigate
Social engineering:
• Does not mitigate
Insider threat:
• Does not mitigate
Legend: Good coverage (2pts), Partial coverage (1pt), Little or no coverage (0pts)
Cybersecurity fundamentals score: 2/10
Endpoint Protection Strategy
• Underlying assumption: protecting endpoints and devices is an effective proxy for protecting the organization’s data
• Focus: protecting endpoints and devices that process, store and transmit data
• Characterized by: investments in host based protection technologies
Endpoint Protection Strategy Performance Report Card
Unpatched vulnerabilities:
• Well managed vulnerability management program mitigates
Security misconfigurations:
• Well managed vulnerability management program mitigates
Weak, leaked, stolen passwords:
• Can partially mitigate if secure/privileged access workstations used (combined with ID strategy)
Social engineering:
• Can partially mitigate by blocking malicious URLs, files, USB, etc.
Insider threat:
• Can help mitigate unwitting insider mistakes
• Typically does not mitigate malicious insider
Legend: Good coverage (2pts), Partial coverage (1pt), Little or no coverage (0pts)
Cybersecurity fundamentals score: 7/10
Compliance as a Security Strategy
• Underlying assumption: meeting compliance obligations is sufficient for protecting the organization’s data
• Focus: meeting organization’s regulatory compliance obligations such as PCI, HIPAA, GDPR, etc.
• Characterized by: investments in people, processes, and technologies that help meet compliance obligations
Compliance as a Security Strategy Performance Report Card
Unpatched vulnerabilities:
• Well managed vulnerability management program mitigates
• But only applies to scope of regulation
Security misconfigurations:
• Well managed vulnerability management program mitigates
• But only applies to scope of regulation
Weak, leaked, stolen passwords:
• Can partially mitigate by enforcing complex password policy
Social engineering:
• Can partially mitigate by requiring training
Insider threat:
• Typically does not mitigate
Legend: Good coverage (2pts), Partial coverage (1pt), Little or no coverage (0pts)
Cybersecurity fundamentals score: 5/10
Application-centric Strategy
• Underlying assumption: protecting applications that handle data protects the organization’s data
• Focus: securing applications that process, store and transmit data
• Characterized by: investments in security development lifecycles, static/dynamic code analysis tools, penetration testing, mobile device/application management, bug bounties
Application-centric Strategy Performance Report Card
Unpatched vulnerabilities:
• Well managed vulnerability management program mitigates
• Security development practices help reduce vulns
Security misconfigurations:
• Well managed vulnerability management program mitigates
• Security development & operations practices help reduce vulns
Weak, leaked, stolen passwords:
• Can partially mitigate by supporting modern protocols and MFA
Social engineering:
• Can partially mitigate by designing apps that help users make effective trust decisions
Insider threat:
• Can partially mitigate by designing apps that require limited privileges, perform logging, designing environments with just enough and just in time administration
Legend: Good coverage (2pts), Partial coverage (1pt), Little or no coverage (0pts)
Cybersecurity fundamentals score: 7/10
Identity-centric Strategy
• Underlying assumption: the organization can better protect data by better protecting the identities used to access the data
• Focus: protecting the identities and credentials used to access the organization’s data and used to administrate key systems
• Characterized by: investments in identity management technologies and credential hygiene practices
Identity-centric Strategy Performance Report Card
Unpatched vulnerabilities:
• Users bring exploits through defenses
Security misconfigurations:
• Users bring exploits through defenses
Weak, leaked, stolen passwords:
• MFA and intelligence help mitigate risks
• Getting coverage across hybrid environment with legacy apps much more challenging
Social engineering:
• MFA and intelligence can mitigate in some scenarios by making it harder for attackers to successfully get access to data
Insider threat:
• Can partially mitigate by making it harder for malicious or unwitting insiders to steal or expose data
• Can help provide data for IR purposes
Legend: Good coverage (2pts), Partial coverage (1pt), Little or no coverage (0pts)
Cybersecurity fundamentals score: 3/10
Data-centric Strategy
• Underlying assumptions:
• Data, not the systems that process it, are the high valued assets
• Data will move without the organization’s approval or knowledge
• Data must be protected regardless of where it is
• Data needs to be shared internally and with authorized partners
• Some organizations assume the systems that process data are compromised
• Focus: protect data wherever it is transmitted, processed and stored…forever
• Characterized by: investments in Data Loss Prevention (DLP), encryption, key management technologies, potentially data classification
Data-centric Strategy Performance Report Card
Unpatched vulnerabilities:
• Can mitigate exploitation of vulnerabilities by making it harder to access encrypted data post exploitation.
• Might not mitigate in all cases
Security misconfigurations:
• Can mitigate exploitation of vulnerabilities by making it harder to access encrypted data post exploitation.
• Might not mitigate in all cases
Weak, leaked, stolen passwords:
• Unauthorized access to data using valid credentials typically not mitigated using this strategy alone
Social engineering:
• Can mitigate in some scenarios by making it harder for attackers to successfully get access to data
Insider threat:
• Can partially mitigate by making it harder for malicious or unwitting insiders to steal or expose data
Legend: Good coverage (2pts), Partial coverage (1pt), Little or no coverage (0pts)
Cybersecurity fundamentals score: 4/10
Security Clearances Strategy
• Underlying assumptions:
• End to end physical control of networked devices protects data
• Data center staff that have physical access to hardware also have access to data
• Therefore, only people with select citizenships and clearances can be permitted access to data centers
• A data residency requirement is an effective data protection control
• Focus: security assurance of hardware, periodic background checks of data center staff and administrators
• Characterized by: investments in people, processes, and technologies that help maintain physical security and assurance, as well as confidence in the character of datacenter staff and administrators
Security Clearances Performance Report Card
Unpatched vulnerabilities:
• Physical security practices, security clearances and data residency do not mitigate
• Requires a well managed vulnerability management program
Security misconfigurations:
• Physical security practices, security clearances and data residency do not mitigate
• Requires a well managed vulnerability management program
Weak, leaked, stolen passwords:
• Physical security practices, security clearances and data residency do not mitigate
• Not mitigated
Social engineering:
• Require authorized personnel to take on-going training
• Does not fully mitigate non-malicious insider threat
Insider threat:
• History has taught us this isn’t fully mitigated
• Does not fully mitigate malicious and non-malicious insider threat
Legend: Good coverage (2pts), Partial coverage (1pt), Little or no coverage (0pts)
Cybersecurity fundamentals score: 2/10
Intrusion Kill Chain Strategy
“Cyber kill-chain®”
Cyber kill-chain® is a registered trademark of Lockheed Martin
1 RECON, 2 WEAPON, 3 DELIVER, 4 EXPLOIT, 5 INSTALL, 6 C&C, 7 ACT
Intrusion Kill Chain Strategy
• Underlying assumption: forcing attackers to be successful multiple times during intrusion attempts helps identify protection gaps, decreases detection and recovery times
• Focus: detecting, denying, disrupting, degrading, and deceiving attackers in all seven phases of kill chain
• Characterized by: investments in numerous areas to cover the 7 phases of the intrusion kill chain
Intrusion Kill Chain Strategy Performance Report Card
Unpatched vulnerabilities:
• Well managed vulnerability management program mitigates
Security misconfigurations:
• Well managed vulnerability management program mitigates
Weak, leaked, stolen passwords:
• Can implement effective mitigations
Social engineering:
• Can mitigate in some scenarios by making it harder for attackers to be successful
Insider threat:
• Can implement effective mitigations
Legend: Good coverage (2pts), Partial coverage (1pt), Little or no coverage (0pts)
Cybersecurity fundamentals score: 9/10
Modified Courses of Action Matrix
Columns (control objectives): Detect, Deny, Disrupt, Degrade, Deceive, Contain, Respond, Restore
Rows (Intrusion Kill Chain Phase): Reconnaissance: pre-intrusion; Reconnaissance: post-intrusion; Weaponization; Delivery; Exploitation; Installation; Command and Control; Actions on Objectives
Modified Courses of Action Example
Phase: Reconnaissance: pre-intrusion
Phase Description: this phase represents the work attackers do to research and select their targets, and understand their targets’ digital footprints.
Control Objectives: detect, deny, disrupt, degrade, deceive, contain, respond
Detect: to discover or discern the existence, presence, or fact of an intrusion into information systems
AWS Controls: Amazon GuardDuty, Amazon GuardDuty Partners, AWS WAF, WAF Managed Rules, CloudWatch, CloudWatch Logs, CloudTrail and reporting tools such as Elastic Search, QuickSight, etc. in addition to 3rd party tools such as Splunk, Trend Micro, Alertlogic, etc.
Deny: to prevent the adversary from accessing and using critical information, systems, and services
AWS Controls: Amazon Virtual Private Cloud (VPC), AWS Identity and Access Management (IAM) + AWS Organizations, AWS Certificate Manager + Transport Layer Security (TLS), Network infrastructure solutions in the AWS Marketplace, AWS WAF, WAF Managed Rules, AWS Direct Connect, Systems Manager Session Manager and Run Command
Measuring performance & effectiveness of your cybersecurity investments
Measuring Performance & Effectiveness
• Perform intrusion reconstructions on successful, partially successful, and failed intrusion attempts
• Key questions
• How far did attackers get with their intrusion kill chain before detected?
• Was data exfiltration attempted/successful?
• What controls failed to protect and detect?
• Where did gaps in protection and detection controls contribute to attacker success?
• Where did attackers and/or defenders get lucky?
• How long did it take for the attack to be detected?
• Did the SOC/CSOC get the data they needed to detect intrusion?
• Did the IR process work as designed?
• Did IT partner during the intrusion as planned?
• How did your vendor(s) help?
Measuring Performance & Effectiveness
• Intrusion reconstructions can be very helpful
• Identifies which controls work as advertised/expected
• Identifies which controls failed to perform as expected
• Identifies which control integrations worked/failed
• Can help confirm security controls/investment gap analysis
• Can help confirm you have the correct investment priorities
• Identifies people and processes that performed/underperformed
• Can help inform pen test/red team exercises
• Helpful data on control/capability efficacy
• Helpful data for vendor renewal discussions/negotiations
• Data can help inform governance, risk, and compliance, and build a business case for appropriate changes
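A small intrusion reconstruction that answers several of the key questions above (how far attackers got before detection, time to detect, which controls failed, whether exfiltration was attempted or successful) from an incident timeline. This is an added example, not part of the original deck; the Event fields, the outcome labels (missed/detected/denied) and the sample timeline are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime

# The seven phases from the kill-chain slide, in order.
PHASES = ["Reconnaissance", "Weaponization", "Delivery", "Exploitation",
          "Installation", "Command and Control", "Actions on Objectives"]
OUTCOMES = {"missed", "detected", "denied"}  # assumed vocabulary, not from the deck


@dataclass(frozen=True)
class Event:
    when: datetime
    phase: str
    activity: str
    control: str          # control that was expected to act on this activity
    outcome: str          # one of OUTCOMES
    exfil: bool = False   # True if the activity was a data exfiltration attempt


def _furthest(events):
    """Furthest phase in which attacker activity was not denied, or None."""
    reached = [PHASES.index(e.phase) for e in events if e.outcome != "denied"]
    return PHASES[max(reached)] if reached else None


def reconstruct(events):
    """Summarise one intrusion attempt from its timeline of events."""
    if not events:
        raise ValueError("no events to reconstruct")
    for e in events:
        if e.phase not in PHASES or e.outcome not in OUTCOMES:
            raise ValueError(f"unknown phase or outcome in event: {e}")
    timeline = sorted(events, key=lambda e: e.when)

    # First point at which any control noticed or blocked the attacker.
    first_hit = next((e for e in timeline if e.outcome != "missed"), None)
    # If nothing ever fired, the "before detection" window is the whole timeline.
    until_detection = [e for e in timeline
                       if first_hit is None or e.when <= first_hit.when]

    # Phases the attacker touched where no control detected or denied anything.
    covered = {e.phase for e in timeline if e.outcome != "missed"}
    touched = {e.phase for e in timeline}
    blind = [p for p in PHASES if p in touched and p not in covered]

    return {
        "detected": first_hit is not None,
        "time_to_detect": (first_hit.when - timeline[0].when) if first_hit else None,
        "furthest_phase_before_detection": _furthest(until_detection),
        "furthest_phase_overall": _furthest(timeline),
        # Controls with at least one miss, even if they fired on another event.
        "failed_controls": sorted({e.control for e in timeline
                                   if e.outcome == "missed"}),
        "exfil_attempted": any(e.exfil for e in timeline),
        # Assumption: exfiltration that was detected but not denied still succeeded.
        "exfil_successful": any(e.exfil and e.outcome != "denied"
                                for e in timeline),
        "blind_phases": blind,
    }


def _t(text):
    return datetime.strptime(text, "%Y-%m-%d %H:%M")


# Constructed sample timeline (not real incident data).
SAMPLE = [
    Event(_t("2019-03-01 09:00"), "Reconnaissance",
          "scan of public endpoints", "network IDS", "missed"),
    Event(_t("2019-03-02 14:10"), "Delivery",
          "phishing mail with attachment", "mail gateway", "missed"),
    Event(_t("2019-03-02 14:25"), "Exploitation",
          "attachment runs on workstation", "endpoint protection", "missed"),
    Event(_t("2019-03-02 14:26"), "Installation",
          "persistence created on workstation", "endpoint protection", "missed"),
    Event(_t("2019-03-02 14:40"), "Command and Control",
          "beacon to external host", "DNS monitoring", "detected"),
    Event(_t("2019-03-03 08:15"), "Actions on Objectives",
          "file share enumeration", "file server audit logging", "missed"),
    Event(_t("2019-03-04 11:00"), "Actions on Objectives",
          "bulk upload to external host", "egress DLP", "denied", exfil=True),
]

if __name__ == "__main__":
    for key, value in reconstruct(SAMPLE).items():
        print(f"{key}: {value}")
```

In the sample, the gap between `furthest_phase_before_detection` and `furthest_phase_overall` shows the attacker still progressing after the first detection, which is a response finding rather than a detection finding.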
Where to Start: Cloud Adoption Framework
https://d0.awsstatic.com/whitepapers/AWS_CAF_Security_Perspective.pdf
Categories: Identity, Detective control, Infrastructure security, Incident response, Data protection
Services shown: AWS Identity & Access Management (IAM), AWS Organizations, AWS Cognito, AWS Directory Service, AWS Single Sign-On, AWS CloudTrail, AWS Config, Amazon CloudWatch, Amazon GuardDuty, VPC Flow Logs, AWS Security Hub, Amazon EC2 Systems Manager, AWS Shield, AWS Web Application Firewall (WAF), Amazon Inspector, Amazon Virtual Private Cloud (VPC), AWS Key Management Service, AWS CloudHSM, Server/Client Side Encryption, Amazon Macie, Certificate Manager, Secret Manager, AWS Config Rules, AWS Lambda
Resources
https://aws.amazon.com/security/
https://aws.amazon.com/compliance/
Cloud Adoption Framework, Security Perspective
https://d0.awsstatic.com/whitepapers/AWS_CAF_Security_Perspective.pdf
Well-Architected framework
https://aws.amazon.com/architecture/well-architected/

AWS re:Invent Comes to London 2019 - Security Strategy, Tim Rains
CIO Summit: Data Security in a Mobile WorldiMIS
 

Similar to AWS re:Invent Comes to London 2019 - Security Strategy, Tim Rains (20)

Beating Sophisticated Attackers at Their Game Using AWS
Beating Sophisticated Attackers at Their Game Using AWSBeating Sophisticated Attackers at Their Game Using AWS
Beating Sophisticated Attackers at Their Game Using AWS
 
Securing your digital world - Cybersecurity for SBEs
Securing your digital world - Cybersecurity for SBEsSecuring your digital world - Cybersecurity for SBEs
Securing your digital world - Cybersecurity for SBEs
 
Securing your digital world cybersecurity for sb es
Securing your digital world   cybersecurity for sb esSecuring your digital world   cybersecurity for sb es
Securing your digital world cybersecurity for sb es
 
6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back6 Biggest Cyber Security Risks and How You Can Fight Back
6 Biggest Cyber Security Risks and How You Can Fight Back
 
Too Small to Get Hacked? Think Again (Webinar)
Too Small to Get Hacked? Think Again (Webinar)Too Small to Get Hacked? Think Again (Webinar)
Too Small to Get Hacked? Think Again (Webinar)
 
The 3 Phased Approach to Data Leakage Prevention (DLP)
The 3 Phased Approach to Data Leakage Prevention (DLP)The 3 Phased Approach to Data Leakage Prevention (DLP)
The 3 Phased Approach to Data Leakage Prevention (DLP)
 
BREACHED: Data Centric Security for SAP
BREACHED: Data Centric Security for SAPBREACHED: Data Centric Security for SAP
BREACHED: Data Centric Security for SAP
 
3 simple strategies to preserve and manage unstructured data of former emplo...
3 simple strategies to preserve and manage unstructured  data of former emplo...3 simple strategies to preserve and manage unstructured  data of former emplo...
3 simple strategies to preserve and manage unstructured data of former emplo...
 
10 Security Essentials Every CxO Should Know
10 Security Essentials Every CxO Should Know10 Security Essentials Every CxO Should Know
10 Security Essentials Every CxO Should Know
 
Rich Saglimbene NYC Content 2015 Speaker Data Security for IBM ECM
Rich Saglimbene NYC Content 2015 Speaker Data Security for IBM ECMRich Saglimbene NYC Content 2015 Speaker Data Security for IBM ECM
Rich Saglimbene NYC Content 2015 Speaker Data Security for IBM ECM
 
Scot Secure 2019 Edinburgh (Day 2)
Scot Secure 2019 Edinburgh (Day 2)Scot Secure 2019 Edinburgh (Day 2)
Scot Secure 2019 Edinburgh (Day 2)
 
How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?How Vulnerable is Your Critical Data?
How Vulnerable is Your Critical Data?
 
MT 70 The New Era of Incident Response Planning
MT 70 The New Era of Incident Response PlanningMT 70 The New Era of Incident Response Planning
MT 70 The New Era of Incident Response Planning
 
Topic11
Topic11Topic11
Topic11
 
Six Steps to Secure Access for Privileged Insiders & Vendors
Six Steps to Secure Access for Privileged Insiders & VendorsSix Steps to Secure Access for Privileged Insiders & Vendors
Six Steps to Secure Access for Privileged Insiders & Vendors
 
Small%20Business%20Presentation.pptx
Small%20Business%20Presentation.pptxSmall%20Business%20Presentation.pptx
Small%20Business%20Presentation.pptx
 
Ciso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data securityCiso round table on effective implementation of dlp & data security
Ciso round table on effective implementation of dlp & data security
 
Digitalstakeout Scout Overview
Digitalstakeout Scout OverviewDigitalstakeout Scout Overview
Digitalstakeout Scout Overview
 
BSIDES DETROIT 2015: Data breaches cost of doing business
BSIDES DETROIT 2015: Data breaches cost of doing businessBSIDES DETROIT 2015: Data breaches cost of doing business
BSIDES DETROIT 2015: Data breaches cost of doing business
 
CIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile WorldCIO Summit: Data Security in a Mobile World
CIO Summit: Data Security in a Mobile World
 

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

AWS re:Invent Comes to London 2019 - Security Strategy, Tim Rains

  • 2. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Cybersecurity Strategies. Tim Rains, EMEA Regional Leader Security & Compliance, Worldwide Public Sector, Amazon Web Services
  • 4. Ingredients for a Successful Cybersecurity Strategy
      • Business objective alignment
      • Senior executive and Board support
      • Cybersecurity Vision, Mission, Imperatives shared with stakeholders
      • High value assets (Crown Jewels) are defined, executive buy-in
      • Principles to help govern risk appetite and approach, executive buy-in
      • Realistic view of current cybersecurity capabilities and technical talent
      • Compliance program and control framework alignment
      • Effective relationship with IT
      • Security culture where everyone participates, executives evangelize
  • 5. Critical Ingredient: How Initial Compromise Happens
      1. Unpatched vulnerabilities
      2. Security misconfigurations
      3. Weak, leaked, stolen passwords
      4. Social engineering
      5. Insider threat
      Preventing, detecting and responding to initial compromise minimizes damage and costs to the organization
  • 6. Critical Ingredient: Underlying Assumptions
      • Assume breach: the organization will be compromised
      • Gives CISO permission to invest in protection, detection, and response capabilities
      • Investing only in protection capabilities enables attackers to:
      • Persist indefinitely after initial compromise
      • More easily attack the organization’s partners and customers
      • Maximize their ROI and damage to the organization, its partners and customers
      • The C-suite has a “shared destiny” with the CISO
      • The CISO’s success/failure impacts organization’s global brand in a unique way
  • 8. Popular Cybersecurity Strategies
  • 9. Protect & Recover Strategy
      • Underlying assumption: the organization has adequate protection, so it doesn’t need to invest in detection and response capabilities
      • Focus: protection and recovery processes and technology
      • Characterized by: investments primarily in perimeter and network protection, backup and recovery
  • 10. Protect & Recover Strategy Performance Report Card
      • Unpatched vulnerabilities
          • Potentially gives more time to patch
          • Users bring exploits through defenses
      • Security misconfigurations
          • Can make it harder to find and exploit
          • Users bring exploits through defenses
      • Weak, leaked, stolen passwords
          • Does not mitigate
      • Social engineering
          • Does not mitigate
      • Insider threat
          • Does not mitigate
      • Scoring: Good coverage (2pts), Partial coverage (1pt), Little or no coverage (0pts)
      • Cybersecurity fundamentals Score: 2/10
  • 11. Endpoint Protection Strategy
      • Underlying assumption: protecting endpoints and devices is an effective proxy for protecting the organization’s data
      • Focus: protecting endpoints and devices that process, store and transmit data
      • Characterized by: investments in host based protection technologies
  • 12. Endpoint Protection Strategy Performance Report Card
      • Unpatched vulnerabilities
          • Well managed vulnerability management program mitigates
      • Security misconfigurations
          • Well managed vulnerability management program mitigates
      • Weak, leaked, stolen passwords
          • Can partially mitigate if secure/privileged access workstations used (combined with ID strategy)
      • Social engineering
          • Can partially mitigate by blocking malicious URLs, files, USB, etc.
      • Insider threat
          • Can help mitigate unwitting insider mistakes
          • Typically does not mitigate malicious insider
      • Scoring: Good coverage (2pts), Partial coverage (1pt), Little or no coverage (0pts)
      • Cybersecurity fundamentals Score: 7/10
  • 13. Compliance as a Security Strategy
      • Underlying assumption: meeting compliance obligations is sufficient for protecting the organization’s data
      • Focus: meeting organization’s regulatory compliance obligations such as PCI, HIPAA, GDPR, etc.
      • Characterized by: investments in people, processes, and technologies that help meet compliance obligations
  • 14. Compliance as a Security Strategy Performance Report Card
      • Unpatched vulnerabilities
          • Well managed vulnerability management program mitigates
          • But only applies to scope of regulation
      • Security misconfigurations
          • Well managed vulnerability management program mitigates
          • But only applies to scope of regulation
      • Weak, leaked, stolen passwords
          • Can partially mitigate by enforcing complex password policy
      • Social engineering
          • Can partially mitigate by requiring training
      • Insider threat
          • Typically does not mitigate
      • Scoring: Good coverage (2pts), Partial coverage (1pt), Little or no coverage (0pts)
      • Cybersecurity fundamentals Score: 5/10
  • 15. Application-centric Strategy
      • Underlying assumption: protecting applications that handle data protects the organization’s data
      • Focus: securing applications that process, store and transmit data
      • Characterized by: investments in security development lifecycles, static/dynamic code analysis tools, penetration testing, mobile device/application management, bug bounties
  • 16. Application-centric Strategy Performance Report Card
      • Unpatched vulnerabilities
          • Well managed vulnerability management program mitigates
          • Security development practices help reduce vulns
      • Security misconfigurations
          • Well managed vulnerability management program mitigates
          • Security development & operations practices help reduce vulns
      • Weak, leaked, stolen passwords
          • Can partially mitigate by supporting modern protocols and MFA
      • Social engineering
          • Can partially mitigate by designing apps that help users make effective trust decisions
      • Insider threat
          • Can partially mitigate by designing apps that require limited privileges, perform logging, designing environments with just enough and just in time administration
      • Scoring: Good coverage (2pts), Partial coverage (1pt), Little or no coverage (0pts)
      • Cybersecurity fundamentals Score: 7/10
  • 17. Identity-centric Strategy
      • Underlying assumption: the organization can better protect data by better protecting the identities used to access the data
      • Focus: protecting the identities and credentials used to access the organization’s data and used to administrate key systems
      • Characterized by: investments in identity management technologies and credential hygiene practices
  • 18. Identity-centric Strategy Performance Report Card
      • Unpatched vulnerabilities
          • Users bring exploits through defenses
      • Security misconfigurations
          • Users bring exploits through defenses
      • Weak, leaked, stolen passwords
          • MFA and intelligence help mitigate risks
          • Getting coverage across hybrid environment with legacy apps much more challenging
      • Social engineering
          • MFA and intelligence can mitigate in some scenarios by making it harder for attackers to successfully get access to data
      • Insider threat
          • Can partially mitigate by making it harder for malicious or unwitting insiders to steal or expose data
          • Can help provide data for IR purposes
      • Scoring: Good coverage (2pts), Partial coverage (1pt), Little or no coverage (0pts)
      • Cybersecurity fundamentals Score: 3/10
  • 19. Data-centric Strategy
      • Underlying assumptions:
          • Data, not the systems that process it, are the high valued assets
          • Data will move without the organization’s approval or knowledge
          • Data must be protected regardless of where it is
          • Data needs to be shared internally and with authorized partners
          • Some organizations assume the systems that process data are compromised
      • Focus: protect data wherever it is transmitted, processed and stored…forever
      • Characterized by: investments in Data Loss Prevention (DLP), encryption, key management technologies, potentially data classification
  • 20. Data-centric Strategy Performance Report Card
      • Unpatched vulnerabilities
          • Can mitigate exploitation of vulnerabilities by making it harder to access encrypted data post exploitation.
          • Might not mitigate in all cases
      • Security misconfigurations
          • Can mitigate exploitation of vulnerabilities by making it harder to access encrypted data post exploitation.
          • Might not mitigate in all cases
      • Weak, leaked, stolen passwords
          • Unauthorized access to data using valid credentials typically not mitigated using this strategy alone
      • Social engineering
          • Can mitigate in some scenarios by making it harder for attackers to successfully get access to data
      • Insider threat
          • Can partially mitigate by making it harder for malicious or unwitting insiders to steal or expose data
      • Scoring: Good coverage (2pts), Partial coverage (1pt), Little or no coverage (0pts)
      • Cybersecurity fundamentals Score: 4/10
  • 21. Security Clearances Strategy
      • Underlying assumptions:
          • End to end physical control of networked devices protects data
          • Data center staff that have physical access to hardware also have access to data
          • Therefore, only people with select citizenships and clearances can be permitted access to data centers
          • A data residency requirement is an effective data protection control
      • Focus: security assurance of hardware, periodic background checks of data center staff and administrators
      • Characterized by: investments in people, processes, and technologies that help maintain physical security and assurance, as well as confidence in the character of datacenter staff and administrators
  • 22. Security Clearances Performance Report Card
      • Unpatched vulnerabilities
          • Physical security practices, security clearances and data residency do not mitigate
          • Requires a well managed vulnerability management program
      • Security misconfigurations
          • Physical security practices, security clearances and data residency do not mitigate
          • Requires a well managed vulnerability management program
      • Weak, leaked, stolen passwords
          • Physical security practices, security clearances and data residency do not mitigate
          • Not mitigated
      • Social engineering
          • Require authorized personnel to take on-going training
          • Does not fully mitigate non-malicious insider threat
      • Insider threat
          • History has taught us this isn’t fully mitigated
          • Does not fully mitigate malicious and non-malicious insider threat
      • Scoring: Good coverage (2pts), Partial coverage (1pt), Little or no coverage (0pts)
      • Cybersecurity fundamentals Score: 2/10
  • 23. Intrusion Kill Chain Strategy
  • 25. “Cyber kill-chain®” phases: 1. RECON, 2. WEAPON, 3. DELIVER, 4. EXPLOIT, 5. INSTALL, 6. C&C, 7. ACT. Cyber kill-chain® is a registered trademark of Lockheed Martin
  • 26. Intrusion Kill Chain Strategy
  • 27. Intrusion Kill Chain Strategy
      • Underlying assumption: forcing attackers to be successful multiple times during intrusion attempts helps identify protection gaps, decreases detection and recovery times
      • Focus: detecting, denying, disrupting, degrading, and deceiving attackers in all seven phases of kill chain
      • Characterized by: investments in numerous areas to cover the 7 phases of the intrusion kill chain
  • 28. Intrusion Kill Chain Strategy Performance Report Card
      • Unpatched vulnerabilities
          • Well managed vulnerability management program mitigates
      • Security misconfigurations
          • Well managed vulnerability management program mitigates
      • Weak, leaked, stolen passwords
          • Can implement effective mitigations
      • Social engineering
          • Can mitigate in some scenarios by making it harder for attackers to be successful
      • Insider threat
          • Can implement effective mitigations
      • Scoring: Good coverage (2pts), Partial coverage (1pt), Little or no coverage (0pts)
      • Cybersecurity fundamentals Score: 9/10
  • 29. Modified Courses of Action Matrix
      • Columns: Detect, Deny, Disrupt, Degrade, Deceive, Contain, Respond, Restore
      • Rows (Intrusion Kill Chain Phase): Reconnaissance: pre-intrusion; Reconnaissance: post-intrusion; Weaponization; Delivery; Exploitation; Installation; Command and Control; Actions on Objectives
  • 30. Modified Courses of Action Example
      • Phase: Reconnaissance: pre-intrusion
      • Phase Description: this phase represents the work attackers do to research and select their targets, and understand their targets’ digital footprints.
      • Control Objectives: detect, deny, disrupt, degrade, deceive, contain, respond
      • Detect: to discover or discern the existence, presence, or fact of an intrusion into information systems
          • AWS Controls: Amazon GuardDuty, Amazon GuardDuty Partners, AWS WAF, WAF Managed Rules, CloudWatch, CloudWatch Logs, CloudTrail and reporting tools such as Elasticsearch, QuickSight, etc. in addition to 3rd party tools such as Splunk, Trend Micro, Alert Logic, etc.
      • Deny: to prevent the adversary from accessing and using critical information, systems, and services
          • AWS Controls: Amazon Virtual Private Cloud (VPC), AWS Identity and Access Management (IAM) + AWS Organizations, AWS Certificate Manager + Transport Layer Security (TLS), Network infrastructure solutions in the AWS Marketplace, AWS WAF, WAF Managed Rules, AWS Direct Connect, Systems Manager Session Manager and Run Command
  • 31. Measuring performance & effectiveness of your cybersecurity investments
  • 32. Measuring Performance & Effectiveness
      • Perform intrusion reconstructions on successful, partially successful, and failed intrusion attempts
      • Key questions
          • How far did attackers get with their intrusion kill chain before detected?
          • Was data exfiltration attempted/successful?
          • What controls failed to protect and detect?
          • Where did gaps in protection and detection controls contribute to attacker success?
          • Where did attackers and/or defenders get lucky?
          • How long did it take for the attack to be detected?
          • Did the SOC/CSOC get the data they needed to detect intrusion?
          • Did the IR process work as designed?
          • Did IT partner during the intrusion as planned?
          • How did your vendor(s) help?
  • 33. Measuring Performance & Effectiveness
      • Intrusion reconstructions can be very helpful
      • Identifies which controls work as advertised/expected
      • Identifies which controls failed to perform as expected
      • Identifies which control integrations worked/failed
      • Can help confirm security controls/investment gap analysis
      • Can help confirm you have the correct investment priorities
      • Identifies people and processes that performed/underperformed
      • Can help inform pen test/red team exercises
      • Helpful data on control/capability efficacy
      • Helpful data for vendor renewal discussions/negotiations
      • Data can help inform governance, risk, and compliance, and build a business case for appropriate changes
  • 35. Where to Start: Cloud Adoption Framework
      • Services shown: AWS Identity & Access Management (IAM), AWS Organizations, AWS Cognito, AWS Directory Service, AWS Single Sign-On, AWS CloudTrail, AWS Config, Amazon CloudWatch, Amazon GuardDuty, VPC Flow Logs, AWS Security Hub, Amazon EC2 Systems Manager, AWS Shield, AWS Web Application Firewall (WAF), Amazon Inspector, Amazon Virtual Private Cloud (VPC), AWS Key Management Service, AWS CloudHSM, Server/Client Side Encryption, Amazon Macie, Certificate Manager, Secret Manager, AWS Config Rules, AWS Lambda
      • Categories shown: Identity, Detective control, Infrastructure security, Incident response, Data protection
      • https://d0.awsstatic.com/whitepapers/AWS_CAF_Security_Perspective.pdf
  • 36. Resources
      • https://aws.amazon.com/security/
      • https://aws.amazon.com/compliance/
      • Cloud Adoption Framework, Security Perspective: https://d0.awsstatic.com/whitepapers/AWS_CAF_Security_Perspective.pdf
      • Well-Architected framework: https://aws.amazon.com/architecture/well-architected/
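
Added example (not part of the slides): one way to run the intrusion reconstruction from slides 32 and 33 over an incident timeline, answering several of the key questions against the seven phases numbered on slide 25. The record layout, the control names, the choice of which objectives count as stopping an activity, and the timeline itself are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime

# The seven phases numbered on the kill-chain slide, in order.
PHASES = ["Reconnaissance", "Weaponization", "Delivery", "Exploitation",
          "Installation", "Command and Control", "Actions on Objectives"]

# Assumption: a working control with one of these objectives stops the activity.
STOPPING = {"Deny", "Disrupt", "Contain"}


@dataclass(frozen=True)
class Activity:
    """One observed attacker activity and the controls that were in its path."""
    time: datetime
    phase: str
    # Each control is (name, objective column from the matrix, worked as expected?).
    controls: tuple = ()


def _stopped(activity):
    return any(obj in STOPPING and ok for _, obj, ok in activity.controls)


def reconstruct(activities):
    """Answer the reconstruction questions for one intrusion attempt."""
    if not activities:
        raise ValueError("no activities to reconstruct")
    acts = sorted(activities, key=lambda a: a.time)
    for a in acts:
        if a.phase not in PHASES:
            raise ValueError(f"unknown phase: {a.phase!r}")

    # How long did it take for the attack to be detected?
    detected_at = next(
        (a.time for a in acts
         if any(obj == "Detect" and ok for _, obj, ok in a.controls)),
        None)
    time_to_detect = None if detected_at is None else detected_at - acts[0].time

    # How far did attackers get with their kill chain before being detected?
    seen = [a for a in acts if detected_at is None or a.time <= detected_at]
    furthest = max(seen, key=lambda a: PHASES.index(a.phase)).phase

    # What controls failed to protect and detect?
    failed = [(a.phase, name, obj)
              for a in acts for name, obj, ok in a.controls if not ok]

    # Where were there gaps (activity observed with no control in its path)?
    uncovered = sorted({a.phase for a in acts if not a.controls},
                       key=PHASES.index)

    # Did any activity in the final phase go unstopped?
    objective_reached = any(a.phase == PHASES[-1] and not _stopped(a)
                            for a in acts)

    return {
        "detected_at": detected_at,
        "time_to_detect": time_to_detect,
        "furthest_phase_before_detection": furthest,
        "failed_controls": failed,
        "uncovered_phases": uncovered,
        "objective_reached": objective_reached,
    }


# Constructed timeline for illustration; control names are hypothetical.
SAMPLE = [
    Activity(datetime(2019, 3, 1, 9, 0), "Delivery",
             (("mail-filter", "Deny", False),)),
    Activity(datetime(2019, 3, 1, 9, 5), "Exploitation"),
    Activity(datetime(2019, 3, 1, 9, 20), "Installation",
             (("endpoint-agent", "Detect", False),
              ("endpoint-agent", "Deny", False))),
    Activity(datetime(2019, 3, 1, 11, 0), "Command and Control",
             (("dns-monitor", "Detect", True),)),
    Activity(datetime(2019, 3, 1, 11, 30), "Actions on Objectives",
             (("egress-proxy", "Deny", True),)),
]

if __name__ == "__main__":
    for key, value in reconstruct(SAMPLE).items():
        print(f"{key}: {value}")
```

Running the same function over failed and partially successful attempts, as the slides recommend, shows which controls repeatedly appear in `failed_controls` and which phases repeatedly appear in `uncovered_phases`.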