AWS re:Invent 2022
What We Can Learn from Customers Accelerating Innovation at Aws Security

Title

AWS re:Invent 2022 - Accelerating Innovation at AWS Security

Summary

  • C.J. Moses, VP and CISO at AWS, shares his journey and insights on AWS security.
  • He discusses the importance of customer feedback in driving AWS innovation.
  • Moses highlights the parallels between racing and security, emphasizing data-driven approaches and teamwork.
  • He reflects on his time at the FBI and the transition to AWS, where he helped develop the Virtual Private Cloud.
  • AWS's relentless innovation is driven by customer obsession and a tight feedback loop.
  • Security is AWS's top priority, with a shared responsibility model between AWS and customers.
  • AWS handles billions of customer activities and tracks quadrillions of events to secure workloads.
  • Common security threats like DDoS attacks and compromised EC2 instances are discussed.
  • AWS provides tools like AWS Shield Advance and AWS WAF to mitigate threats.
  • The importance of protecting against the disclosure of security credentials is stressed.
  • Moses emphasizes the human element of security and the need for a security-first culture.
  • Looking ahead to 2023, he predicts a continued shift to the cloud and the rise of security professionals.
  • Amazon Security Lake is introduced to centralize security data analysis.
  • Diversity in the security workforce is seen as crucial for success.
  • Machine learning and AI will play a significant role in cloud security automation.
  • AWS is preparing for quantum-resistant cryptography and supporting multiple MFA authenticators.
  • Deneen DeFiore, CISO at United Airlines, joins the discussion, sharing United's approach to security and resiliency with AWS.
  • DeFiore emphasizes the importance of a security culture and the need for diverse talent in cybersecurity.

Insights

  • AWS's innovation is largely customer-driven, with over 90% of products resulting from customer feedback.
  • The shared responsibility model is a cornerstone of AWS's security philosophy, where AWS secures the cloud infrastructure, and customers secure their data and applications.
  • AWS's scale allows for extensive data analysis, which informs security services like GuardDuty and Inspector.
  • The rise in DDoS attacks and compromised instances highlights the ongoing threat landscape and the need for robust security measures.
  • AWS's focus on the human element of security suggests that technology alone is not enough; a security-first culture and education are essential.
  • The introduction of Amazon Security Lake indicates AWS's commitment to providing advanced tools for security data analysis.
  • The emphasis on diversity and the need for a broad talent pipeline in cybersecurity reflect the industry's recognition of the value of varied perspectives and experiences.
  • The discussion with United Airlines' CISO provides a real-world example of how AWS's security services are applied in a critical infrastructure industry.
  • The anticipation of quantum-resistant cryptography and the support for multiple MFA authenticators show AWS's proactive approach to future security challenges.
What to Know before Adopting Arm Lessons Learned at Datadog Prt265Whats New and Whats Next with Amazon Ecs Con210