AWS re:Inforce 2024
Cybersecurity W Pwc Compliance Generative Ai Cost Optimization Grc226 S

Title: AWS re:Inforce 2024 - Cybersecurity w/ PwC: Compliance, generative AI & cost optimization (GRC226-S)

Insights:

  • Introduction and Speaker Roles: Marianne Olson and Nausheen from PwC introduced themselves, highlighting their roles in cybersecurity and cloud solutions on AWS.
  • Purpose of the Talk: The session aimed to spark ideas on continuous compliance, resilience in AWS, generative AI for cybersecurity, and cost optimization.
  • Continuous Compliance:
    • Compliance is a significant challenge, especially in heavily regulated industries like energy and finance.
    • PwC collaborates with AWS to build solutions that help clients manage compliance within their AWS environments, leveraging security logs and analytics.
    • The goal is to enable clients to confidently meet regulatory requirements and streamline audit processes.
  • Resiliency:
    • Cyber incidents are inevitable, making resilience crucial.
    • PwC emphasizes the importance of automating recovery processes and regular testing to ensure confidence in recovery capabilities.
    • Recovery orchestration is a complex challenge involving dependencies across multiple applications.
    • PwC's approach uses AWS Step Functions and tailored modules to automate and streamline recovery processes.
  • Generative AI for Cybersecurity:
    • Generative AI is gaining attention for its potential in cybersecurity.
    • Two main areas of focus: securing AI models and leveraging AI for cybersecurity.
    • PwC helps clients use AI responsibly, balancing innovation with security.
    • Examples include using AWS Bedrock and QuickSight for interactive security dashboards.
  • Cost Optimization:
    • Automation and orchestration solutions require significant investment in skills, time, and budget.
    • Continuous resiliency is essential to avoid configuration drift and ensure recovery readiness.
    • PwC promotes continuous verification checks using AWS Resiliency Hub to maintain infrastructure integrity and security.

Quotes:

  • "It's not an if anymore. It's when an organization is going to have a cyber incident."
  • "Automation has enabled us to get here."
  • "Generative AI... it's something that's very strong in the hype cycle right now, but it's something that's been around for some time."
  • "Resiliency is not something you wake up and do four times a year."
  • "Compliance is something that I get hit with a lot with the different industries that I work in."
  • "We have these different solutions. And yes, I know automation will save me money, but we're in a really tight budgetary situation right now."
  • "Continuous resiliency... is capable of doing continuous verification checks."
Cyber Threat Intelligence Sharing on Aws Tdr305Cybersphere by Deloitte a Simplified Platform Integrated with Aws Sec421 S