Category: Security

State and local government organizations are experiencing an increase in cyber incidents that impact and disrupt citizen services. In 2021, US President Joe Biden signed the Infrastructure Investment and Jobs Act (IIJA), which created the State and Local Cybersecurity Grant Program (SLCGP) to provide funding to eligible entities to address cybersecurity risks and threats to information systems owned or operated by, or on behalf of, state, local, or tribal governments. This blog post guides you through some resources and approaches to consider as organizations strive to meet the SLCGP funding requirements.

Public sector organizations around the world share a common concern: how can they make sure their digital transformation maintains data security? The question comes up often when I meet with government leaders around the world in my role as a government transformation digital advisor at AWS. During my time in the UK Government’s Digital Service (GDS), and now in my work with government leaders, I’ve learned important lessons about transforming services securely in the cloud. Read on for some key takeaways.

Cybersecurity analytics is a systematic methodology designed to collect, ingest, process, aggregate, and analyze security events. This methodology empowers organizations to proactively perform security investigations, powered by advanced analytics and machine learning (ML), which help mitigate cyber issues more effectively and efficiently at scale. Learn about the core components of a cybersecurity analytics framework and how organizations can use AWS to design a cybersecurity analytics platform with analytics and ML services.

At Amazon, we believe cybersecurity skills training and workforce development are essential to addressing cybersecurity challenges. Leading into Cybersecurity Awareness Month, Amazon hosted Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), for a roundtable with leaders across higher education, state and local government, and private industry to discuss ways to develop the cybersecurity workforce through skills training, partnerships between government and industry, and creating pathways to cybersecurity careers. Learn more about how Amazon supports cybersecurity training.

In this blog post, we explain how government agencies can accelerate their development workflows while maintaining strict application and operational security using the principles of continuous integration and continuous delivery (CI/CD) and DevSecOps. We provide a solution to walk you through how you can quickly set up your own DevSecOps pipeline that incorporates AWS and third-party security tools to give you a fast, flexible, and secure software delivery process.

State and local government (SLG) organizations need to reflect and refocus on cyber hygiene and continuous improvement of their security posture. Here are some best practices for SLG chief information security officers (CISOs) and IT professionals to consider in their cloud journey.

AWS Top Secret-West is accredited to operate workloads at the Top Secret U.S. security classification level. The new Region adds multiple Availability Zones geographically separated from AWS Top Secret-East. With two Top Secret Regions, customers in the U.S. defense, intelligence, and national security communities can deploy multi-Region architectures to achieve the highest levels of resiliency and availability essential to their most critical national security missions.

The Canadian Centre for Cyber Security (CCCS) added more AWS services to its assessment of the AWS Canada (Central) Region, bringing the total number of assessed AWS services to 120. This provides Canadian public sector customers additional confidence that AWS Cloud services meet the Government of Canada’s security control requirements. Using these services in conjunction with the deployment of the open source AWS Secure Environment Accelerator (ASEA) solution reduces cloud service configuration time from months to days.

The Japan Digital Agency (DA) has selected Amazon Web Services (AWS) as one of the cloud service providers that support Government Cloud, which delivers common cloud infrastructure that central government agencies, local governments, and other government organisations can use. As a cloud services provider directly contracted with the DA, AWS will help the Japanese government modernize IT by directly offering advanced technologies and global best practices to help customers innovate securely at pace.

To offer security conscious enterprises and government agencies the ability to implement important governance and security controls, AWS acquired Wickr in June of 2021. Wickr helps organizations protect their collaboration with a secure and compliant solution. Built with a security-first mindset, Wickr delivers advanced security features not available with traditional communications services.