AWS re:Invent 2022
How to Prepare for the Next Evolution of Cyberattacks Prt312

Title

AWS re:Invent 2022 - How to prepare for the next evolution of cyberattacks (PRT312)

Summary

  • Cyberattacks, particularly ransomware, are increasingly common, with many well-run infrastructures still falling victim.
  • Steven Manley, CTO at Druva, emphasizes the need for a new approach to cybersecurity as attackers evolve.
  • Druva is a SaaS data protection company managing a large scale of data across the globe, using AWS services extensively.
  • Manley discusses the importance of encryption and the potential threat of quantum computing to current encryption methods.
  • He highlights the necessity of having a secure production environment, including the use of private subnets, restrictive security groups, and no direct access policies.
  • The talk covers the importance of logs, incident response plans, and monitoring both inbound and outbound traffic.
  • Manley stresses the need for regular access reviews, secure backup environments, and standardized recovery processes.
  • David Jaffe from Amgen shares insights on how Amgen uses Druva for data protection, regulatory compliance, and ransomware recovery.
  • The session concludes with a call to action to visit the Druva booth for more information and demonstrations.

Insights

  • The statistic that two out of three organizations will face a ransomware attack within three years underscores the urgency of cybersecurity preparedness.
  • Despite confidence in their infrastructure, many organizations still experience data loss due to ransomware, indicating a disconnect between perceived security and actual vulnerability.
  • The evolution of cyberattacks necessitates a proactive and evolving approach to security, rather than relying on outdated methods or incremental improvements.
  • Druva's approach to data protection, including encryption and separation of data and metadata, serves as a model for organizations looking to secure their data in the cloud.
  • The discussion on internal threats and the importance of managing encryption keys highlights the need for organizations to not only trust cloud providers but also to maintain control over their data security.
  • The mention of quantum computing as a future threat to encryption emphasizes the need for forward-thinking security strategies that anticipate technological advancements.
  • The importance of logs in incident response and the need for a comprehensive incident response plan are critical for organizations to effectively address and recover from cyberattacks.
  • The conversation with David Jaffe from Amgen provides a real-world example of how a large, regulated company implements data protection and deals with the challenges of remote work and regulatory compliance.
  • The session reinforces the idea that security is not just about technology but also about people and processes, and the need for continuous monitoring, assessment, and adaptation to new threats.
How to Monitor Applications across Multiple Accounts Cop316How to Reuse Patterns When Developing Infrastructure as Code Dop302