Move Fast AND Stay Secure: A CyCon Recap
Our customers around the world are both “thinking big” and “going big” – driving transformative change through the cloud. Before the cloud, government agencies spent a lot of time and resources managing their own data centers and co-location facilities, which meant time they were not spending on their core organizational missions. With the cloud, organizations, such as government agencies can function more like startups that move at the speed of ideas.
We believe in innovating on behalf of our customers and we see the cloud as a true mission enabler. And innovation can help private and public sector organizations stay ahead of cyber threats.
At CyCon, The International Conference on Cyber Conflict, Teresa Carlson, VP of AWS Worldwide Public Sector, shared three things that we can do together to improve cybersecurity:
- Policy – The public and private sectors need to work collaboratively to ensure that the right policies are in place to enable business in the cloud.
- Security – Let’s work together to ensure that we have all of the leading compliance standards and security processes in place to build a more secure world.
- Education – Let’s commit to creating the right environment for mentorship, both at the individual level and business-to-business. Together, we can bring the right tools, technology, and training to close the cyber skills gap.
In the past, organizations had to choose between moving fast OR staying secure. With the cloud, it’s possible to move fast AND stay secure. Below are examples of how governments – both local and federal – use the cloud to continue to innovate quickly, while staying secure.
Innovation in the City
The City of Los Angeles is one of the largest targets for cyber attacks in the nation. Due to the size of the city’s operations — 35,000 employees distributed across 37 different departments — on an average day, the city records more than 130 million security messages from more than 120,000 connected devices.
The city needed a better way to ingest this data, process it, and identify security events to better monitor potential security incidents and coordinate their incident response teams. To do this, the City of Los Angeles leveraged the AWS Cloud to provide storage and compute power for its custom-developed security information and event management (SIEM) system, which supports their integrated Security Operations Center (SOC).
As a result, the five cybersecurity teams that support the entire city have been able to more effectively manage their security operations and process security events across departments faster, resulting in faster response times.
Partnership in Cyber
Protecting U.S. cyber assets has become a top-level priority for government and the private sector – and through that, we are seeing new partnerships emerge. The Department of Defense (DoD) has been fighting adversaries who have harnessed technology to attack the U.S. To defend the DoD’s information networks, cyber analysts must comb through the vast, unstructured volume of DoD cyber defense data to detect, assess, and mitigate cyber threats and act quickly.
To support this mission, APN partner, Enlighten IT Consulting, developed and deployed the Big Data Platform (BDP) for one of their DoD customers. The platform, which runs in the AWS Cloud, is used by mission partners across the DoD. The BDP is a robust and scalable architecture capable of ingesting, storing, and visualizing multiple petabytes of cyber data. Its distributed data structures and streaming ingest capabilities provide storage and retrieval rates in the millions of records per second. EITC also developed and deployed a suite of cyber situational awareness analytics to the BDP, giving analysts tools for accelerated attack detection, diagnosis, and threat mitigation. When hosted in our AWS GovCloud region, the components of the BDP and the cloud mesh to create a secure platform accredited for use across the DoD.
Cloud security at AWS is the highest priority. Learn how, as an AWS customer, you will benefit from a modern cloud computing architecture built to meet the security requirements of the world’s most security-sensitive organizations.