AWS and Privacy Engineering: Explore the Possibilities (SEC210)

Title

AWS re:Invent 2022 - AWS and privacy engineering: Explore the possibilities (SEC210)

Summary

  • Jessie Skibby and Carl Mathis from AWS Security Assurance Services discuss building privacy compliance on AWS.
  • They emphasize the importance of privacy as a personal issue and the complexity of navigating over 130 international privacy laws.
  • The shared responsibility model in AWS is highlighted, distinguishing between security of the cloud (AWS's responsibility) and security in the cloud (customer's responsibility).
  • They introduce privacy engineering concepts and how they can be operationalized using AWS services.
  • The session covers specific customer challenges, the art of the possible with AWS services, and how to scale privacy programs.
  • They discuss the business benefits of investing in privacy, including trust, agility, and return on investment.
  • The talk includes technical solutions for continuous oversight, data minimization, individual autonomy, and disclosure control using AWS services such as Amazon Kinesis, Amazon Comprehend, IAM Access Analyzer, AWS Glue, and Amazon CodeGuru.
  • Resources for building privacy programs are provided, including AWS Artifact, Data Privacy Center, and GDPR Center.

Insights

  • Privacy is not only a legal requirement but also a trust factor between businesses and individuals.
  • AWS's shared responsibility model extends to privacy, where AWS provides security of the cloud, and customers are responsible for security in the cloud, including privacy.
  • Privacy engineering is about translating privacy by design principles into technical solutions.
  • AWS services can be leveraged to automate and scale privacy controls, such as using Amazon Comprehend for data redaction and AWS Glue for data quality checks.
  • Investing in privacy can lead to significant returns, with some companies seeing up to 5x ROI according to a Cisco study.
  • AWS provides various resources and certifications to help customers build and maintain their privacy programs.
  • The session demonstrates that AWS is continuously evolving its services to address privacy concerns and help customers comply with complex and varying international laws.
  • The talk underscores the importance of viewing AWS services through a privacy lens and adapting them to meet privacy requirements.