AWS re:Invent 2022
Cyber Hygiene Strategies for Security Leaders Prt012

Title

AWS re:Invent 2022 - Cyber hygiene strategies for security leaders (PRT012)

Summary

  • Shane Jones from Jupiter One discusses the importance of cyber hygiene and understanding the assets within an organization's environment.
  • He uses an analogy of being in a dark house with a flashlight to describe the limited visibility organizations have over their cyber assets.
  • Jones emphasizes that hackers do not operate in lists but look for the shortest path to their target, highlighting the need for a comprehensive view of an organization's environment.
  • He notes that 27% of companies use multi-cloud solutions, and 79% have experienced a cyber event, stressing the importance of asset tracking and monitoring.
  • Jupiter One offers a knowledge graph to provide visibility across an organization's entire environment, including multi-cloud estates.
  • Jones advocates for implementing core controls, tracking and monitoring assets, reducing risk through data analysis, and building a culture of security that involves everyone, not just the security team.
  • He stresses the importance of automation to quickly understand the impact of incidents and the need for visibility to enable innovation and manage costs.
  • The talk concludes with an invitation to visit the Jupiter One booth for further discussion and to explore resources like the SCAR report and the Cyber Defense Matrix.

Insights

  • The analogy of using a flashlight in a dark house effectively illustrates the challenge organizations face in gaining visibility over their cyber assets, which is crucial for effective cyber hygiene.
  • The statistics provided (27% of companies using multi-cloud and 79% having experienced a cyber event) underscore the widespread nature of cybersecurity challenges and the need for comprehensive solutions.
  • The average number of cyber assets (165,000 for most organizations, millions for global enterprises, and approaching 50,000-100,000 for startups) indicates the scale of the challenge in asset management and monitoring.
  • The emphasis on building a culture of security and democratizing security responsibilities suggests a shift from traditional, centralized security models to more inclusive and participatory approaches.
  • The call to automate cybersecurity processes reflects a broader industry trend towards efficiency and rapid response, which is critical in the fast-paced and evolving threat landscape.
  • The mention of Jupiter One's knowledge graph and its ability to provide a complete view of an organization's asset estate highlights the growing importance of advanced data analytics and visualization tools in cybersecurity.
  • The reference to the SCAR report and the Cyber Defense Matrix at the end of the talk suggests that Jupiter One aligns with established cybersecurity frameworks, which could be a point of trust and validation for potential customers.
Cutting Carbon Where It Matters the Most How Sdge Innovates with Aws Enu306Data Driven Outcomes in Public Sector Workplaces Dei206