AWS Cloud Enterprise Strategy Blog
Category: Security, Identity, & Compliance
Increase Business Value from the Cloud with Effective Cloud Governance
We often advise AWS customers embarking on digital transformations to consider that cloud migration is part of digital transformation, and digital transformation must be driven by business outcomes. The effectiveness of your governance programs determines the success of your cloud migration and digital transformation. There will be an end to the cloud migration portion of […]
Announcing the New AWS Enterprise Strategy Track at re:Invent
Recommended sessions for enterprise executives looking to accelerate digital transformation. On behalf of the entire Enterprise Strategy team at AWS, we’re looking forward to welcoming you to re:Invent 2022. With over 2,000 sessions including keynotes and leadership sessions, re:Invent provides an excellent opportunity to learn, share, and connect with your peers. We are excited to […]
AWS Security Leaders: A Series
Background As an Enterprise Strategist at AWS, I spend the majority of my time in two key areas when I meet with customers: all things digital transformation—people, process, technology, culture, aligning technology investments to business outcomes, cloud migration, organizational change, etc.; and security, compliance, risk, and privacy topics, due to my experience as a former […]
CxO Insight: Reporting Cybersecurity to the Board
by Clarke Rodgers, Enterprise Strategist, AWS Enterprise Strategy Over the last several months, one of the most common discussions I have had with members of the C-Suite is around how to effectively report and/or discuss cybersecurity with the organization’s Board of Directors (BoD) and/or Senior Leadership Team (SLT). Background Before I get into the details, […]
The CISO Perspective: How Chief Information Security Officers “Cross the River” to Cloud Adoption
In this guest post, Mignona Cote, the AWS Global Security Advisory lead, reports on her conversation with Jim Routh, Head of Enterprise Cybersecurity at MassMutual. Their discussion covers the challenges for CISOs who straddle the worlds of traditional information security and newer, digital. DevSecOps and cloud-based security paradigms. Ultimately, Routh says, CISOs must learn to […]
Building an Effective Security Team: It’s More Than Just Technical Skills
As part of a new video series of discussions with security leaders, Verified: Presented by AWS re:Inforce, AWS CISO Steve Schmidt sat down with Emma Smith, Global Cyber Security Director at Vodafone, for a discussion on the importance of diversity, equity, and inclusion in security teams. Watch the full video on YouTube. Emma, a Diversity […]
The CISOs of Netflix and AWS Discuss Remote Work, Security Culture, and Cats as a Threat Model
As part of Verified: Presented by AWS re:Inforce, a new video series of discussions with security leaders, AWS CISO Steve Schmidt sat down with Jason Chan, VP of Information Security at Netflix, for a broad-ranging interview. Even though we couldn’t be together this year at AWS re:Inforce, we still wanted to create a platform for […]
Evolving GRC to Maximize Your Business Benefits from the Cloud
Introduction by Mark Schwartz This post continues our series on governance in the cloud. In earlier posts we discussed new strategies for governance, the governance that requires standardization and rules, and governance that oversees projects and investments. In another post John Thorp of AWS Professional Services wrote about AWS’s frameworks for evolving your Governance, Risk, […]
Transform Your GRC Strategy to Get the Most Out of the Cloud
Introduction by Mark Schwartz In several earlier posts I discussed new strategies for governance in the cloud and the digital world in general. In the first, I talked about the kind of governance that requires standardization and rules. In the second, I wrote about governing projects and investments. The underlying point of these posts was […]
Data Protection in AWS
One of the most common areas of interest from customer executives regarding their move to AWS is data protection. Data protection can take many forms (e.g., backups, high availability, long-term storage), but the focus for this blog post will be encryption. This post has been co-written with Scott Conklin, an encryption expert from our AWS Professional […]