Stephen Schmidt Keynote at re:Inforce 2021
Statistics from the past year (during COVID19)
· Number of employees shift to working from home increased by 114%
· Number of mobile phishing attempts increased by 364%
Threat detection and incident response
Amazon GuardDuty
https://aws.amazon.com/guardduty
AWS Security Hub
https://aws.amazon.com/security-hub
https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-fsbp.html
Best practices for fighting against ransomware
https://d1.awsstatic.com/WWPS/pdf/AWSPS_ransomware_ebook_Apr-2020.pdf
Announcement: AWS Backup Audit Manager
https://aws.amazon.com/about-aws/whats-new/2021/08/aws-backup-audit-manager
Identity and Access Manager
AWS IAM Access Analyzer
Best practices for Identity and Access Management
· Review permissions regularly
· Use groups for IAM policies
· Use least privilege in IAM
Security statistics
73% of enterprises have experienced elevated third-party risks amongst their partner and suppliers
53% of these teams were already understaffed before the pandemic began
HBO Max customer story
AWS IoT Core and VPC Endpoints
https://aws.amazon.com/about-aws/whats-new/2021/07/aws-iot-core-supports-vpc-endpoints
AWS Well-Architected test tool
https://aws.amazon.com/well-architected-tool
Data privacy at AWS
https://aws.amazon.com/compliance/privacy-features
https://aws.amazon.com/compliance/sub-processors
Best practices for protecting your data
· Don’t store sensitive data without a plan
· Encrypt everything
AWS acquired Wicker — End to end encrypted communication technology
https://aws.amazon.com/blogs/security/aws-welcomes-wickr-to-the-team/
Cloud Audit Academy
https://aws.amazon.com/compliance/auditor-learning-path/