Tag: cybersecurity

Cybersecurity analytics is a systematic methodology designed to collect, ingest, process, aggregate, and analyze security events. This methodology empowers organizations to proactively perform security investigations, powered by advanced analytics and machine learning (ML), which help mitigate cyber issues more effectively and efficiently at scale. Learn about the core components of a cybersecurity analytics framework and how organizations can use AWS to design a cybersecurity analytics platform with analytics and ML services.

At HAQM, we believe cybersecurity skills training and workforce development are essential to addressing cybersecurity challenges. Leading into Cybersecurity Awareness Month, HAQM hosted Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), for a roundtable with leaders across higher education, state and local government, and private industry to discuss ways to develop the cybersecurity workforce through skills training, partnerships between government and industry, and creating pathways to cybersecurity careers. Learn more about how HAQM supports cybersecurity training.

Government departments work hard to meet required security framework controls for cloud services, and obtaining an Authority to Operate (ATO) can sometimes take up to 18 months. To assist with this process, AWS developed the open-source AWS Secure Environment Accelerator (ASEA), a tool designed to help deploy and operate secure multi-account AWS environments. This post describes how government departments can more simply deploy a web application consisting of a single-page application (SPA), backend API, and database within ASEA.

This post aims to provide a summary of all the currently disclosed Apache Log4j issues as well as important resources that HAQM Web Services (AWS) has released to help our customers and partners limit any risks posed by these issues.

State and local government (SLG) organizations need to reflect and refocus on cyber hygiene and continuous improvement of their security posture. Here are some best practices for SLG chief information security officers (CISOs) and IT professionals to consider in their cloud journey.

As organizations mature in their cybersecurity capabilities, they are looking to try and leverage automation to reduce the operational burden of alerting, detecting, and responding to threats. This blog post walks through how to combine findings from disparate security systems into a single operational view to help analysts identify, respond, and remediate existing threats while maintaining a dynamic response platform that scales with their environment.

The Canadian Centre for Cyber Security (CCCS) added more AWS services to its assessment of the AWS Canada (Central) Region, bringing the total number of assessed AWS services to 120. This provides Canadian public sector customers additional confidence that AWS Cloud services meet the Government of Canada’s security control requirements. Using these services in conjunction with the deployment of the open source AWS Secure Environment Accelerator (ASEA) solution reduces cloud service configuration time from months to days.

President Biden’s executive order emphasizes the need to elevate information security as a core tenet of national security, and calls on federal agencies and public sector organizations to work with the private sector to prioritize the data security and privacy of the American people and government. AWS and AWS Partners can help government agencies align with the initiatives in this executive order.

With a new round of funding, the US federal government has the opportunity to advance the largest government-wide technology modernization program in a generation. As part of the American Rescue Plan that was signed into law in March, federal agencies are eligible to modernize their mission delivery with additional money available in the Technology Modernization Fund (TMF). Cloud computing offers a variety of solutions agencies can consider for TMF projects.

According to the 2020 Deloitte-NASCIO Cybersecurity Study for state governments, 54 percent of states are not confident in their ability to protect emerging technology. Traditional cybersecurity approaches can result in singularly focused solutions that don’t provide holistic protection. It can also inhibit an organizations’ ability to monitor and respond to security threats in real time. As more organizations shift to cloud-based workloads, security mechanisms and components need to be developed and integrated using a Security by Design (SbD) approach. Our AWS Partners have developed pre-configured security solutions, which allow customers to deploy applications using SbD strategies and also use AWS security solutions to ensure continuous security alignment.