Stephen Schmidt Keynote at re:Inforce 2021

Eyal Estrin ☁️
3 min readAug 24, 2021

Statistics from the past year (during COVID19)

· Number of employees shift to working from home increased by 114%

· Number of mobile phishing attempts increased by 364%

Threat detection and incident response

Amazon GuardDuty

https://aws.amazon.com/guardduty

https://aws.amazon.com/about-aws/whats-new/2021/01/amazon-guardduty-enhances-security-incident-investigation-workflows-through-new-integration-with-amazon-detective/

AWS Security Hub

https://aws.amazon.com/security-hub

https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-standards-fsbp.html

Best practices for fighting against ransomware

https://d1.awsstatic.com/WWPS/pdf/AWSPS_ransomware_ebook_Apr-2020.pdf

Announcement: AWS Backup Audit Manager

https://aws.amazon.com/about-aws/whats-new/2021/08/aws-backup-audit-manager

https://aws.amazon.com/blogs/aws/monitor-evaluate-and-demonstrate-backup-compliance-with-aws-backup-audit-manager

Identity and Access Manager

https://aws.amazon.com/iam

AWS IAM Access Analyzer

Best practices for Identity and Access Management

· Review permissions regularly

· Use groups for IAM policies

· Use least privilege in IAM

Security statistics

73% of enterprises have experienced elevated third-party risks amongst their partner and suppliers

53% of these teams were already understaffed before the pandemic began

HBO Max customer story

AWS IoT Core and VPC Endpoints
https://aws.amazon.com/about-aws/whats-new/2021/07/aws-iot-core-supports-vpc-endpoints

AWS Well-Architected test tool
https://aws.amazon.com/well-architected-tool

Data privacy at AWS
https://aws.amazon.com/compliance/privacy-features
https://aws.amazon.com/compliance/sub-processors

Best practices for protecting your data

· Don’t store sensitive data without a plan

· Encrypt everything

AWS acquired Wicker — End to end encrypted communication technology
https://aws.amazon.com/blogs/security/aws-welcomes-wickr-to-the-team/

Cloud Audit Academy
https://aws.amazon.com/compliance/auditor-learning-path/

--

--

Eyal Estrin ☁️

Author | Cloud Security Architect | AWS Community Builder | Public columnist | CISSP | CCSP | CISM | CDPSE | CISA | CCSK | https://linktr.ee/eyalestrin