AWS Public Sector Blog

Category: Security, Identity, & Compliance

Developing the US cybersecurity workforce with CISA

At Amazon, we believe cybersecurity skills training and workforce development are essential to addressing cybersecurity challenges. Leading into Cybersecurity Awareness Month, Amazon hosted Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), for a roundtable with leaders across higher education, state and local government, and private industry to discuss ways to develop the cybersecurity workforce through skills training, partnerships between government and industry, and creating pathways to cybersecurity careers. Learn more about how Amazon supports cybersecurity training.

AWS announces low-to-no cost security services for federal political campaigns and committees

It is essential for election campaigns and committees to have access to the latest security services so they can mitigate risks against security threats at minimal cost. To support this, AWS is collaborating with Defending Digital Campaigns (DDC) to offer more than 20 cybersecurity-related AWS services for low-to-no cost to all active and registered national party committees and federal candidate committees for the US House and US Senate midterm elections that are eligible in accordance with DDC and Federal Election Commission (FEC) criteria.

Enabling secure mission success with Wickr RAM in Department of Defense Cloud One

AWS announced the availability of Wickr RAM (Recall, Alert and Messaging) to the U.S. Department of Defense (DOD) through Cloud One, which is a cloud hosting infrastructure and service. Wickr RAM is an end-to-end encrypted full suite collaboration application built for the warfighter. It is available on AWS GovCloud (US) and can support workloads up to Impact Level 5.

Navigating ISM and Essential Eight compliance with AWS Config for Australian government agencies

To help our Australian customers, AWS provides pre-built conformance packs for the Australian Cyber Security Centre (ACSC) Essential Eight Maturity Model and the ACSC Information Security Manual (ISM). The ACSC’s Essential Eight was first published in 2017 and is a set of prioritised security mitigation strategies designed to help protect organisations against various security threats. In this blog post, I walk you through how to set up a conformance pack in AWS Config that is designed to help you implement and track the ASCS Essential Eight model.

How to implement CNAP for federal and defense customers in AWS

In July 2021, the U.S. Department of Defense (DoD) released a cloud native access point (CNAP) reference design that follows zero trust architecture (ZTA) principles and provides a new approach to access mission owner (MO) applications. The DoD’s reference design discusses four core capabilities of CNAP: authenticated and authorized entities (C1), authorized ingress (C2), authorized egress (C3), and security monitoring and compliance enforcement (C4). In this blog post, we walk through how to establish the C2 component via a virtual internet access point (vIAP) with AWS. The proposed architectures can reduce operational cost and management overhead, while improving the accessibility, resiliency, and security of mission owner applications.

How NRCan used an AWS open source solution to complete a PBMM evidence package in 60 days

Since signing a framework agreement with the Government of Canada (GC) in 2019, AWS has developed an open source solution to automate the deployment of security controls for GC customers, which can reduce the time it takes to achieve an Authority to Operate (ATO). Natural Resources Canada (NRCan) used this solution to implement their cloud landing zone controls aligned with the Protected B, Medium Integrity, Medium Availability (PBMM) profile. They worked with AWS Partner Kainos to complete an ATO evidence package in only 60 days—a process that typically takes 18 months.

How one nonprofit uses AWS to amplify citizen advocacy across Africa

ONE is a global movement to end extreme poverty and preventable disease by 2030. Advocacy is about taking action in real time, so we need to reach people wherever they are. In Africa, that means using mobile devices. To help us reach audiences across Africa, we launched a mobile chatbot built on AWS.

AWS GovCloud (US) or standard? Selecting the right AWS partition

This blog post explores the options US public sector customers and their business partners should evaluate when selecting an AWS partition. We discuss the differences between AWS GovCloud (US) and the AWS standard partition and how to decide which partition may be the best match for your organization’s security, compliance, and availability needs.

DoD Cloud Infrastructure as Code for AWS is now available

AWS is committed to supporting the mission of our Department of Defense (DoD) customers by providing innovative, efficient, and effective solutions. In support of this commitment, we are announcing the availability of DoD Cloud Infrastructure as Code (IaC) for AWS – a baseline that uses a collection of templates to enable defense mission owners to quickly build out secure, scalable cloud environments. DoD Cloud IaC for AWS is designed to help DoD organizations accelerate cloud adoption and support the rapid delivery of capabilities to the warfighter.

Create a secure and fast DevSecOps pipeline with CircleCI

In this blog post, we explain how government agencies can accelerate their development workflows while maintaining strict application and operational security using the principles of continuous integration and continuous delivery (CI/CD) and DevSecOps. We provide a solution to walk you through how you can quickly set up your own DevSecOps pipeline that incorporates AWS and third-party security tools to give you a fast, flexible, and secure software delivery process.