Tag: cloud security

Amazon Web Services (AWS) has collaborated with the UK National Cyber Security Centre (NCSC) to tailor advice on how UK public sector customers can use the Landing Zone Accelerator on AWS (LZA) to meet the NCSC’s guidance on “using cloud services securely.” Read this blog post to learn how the LZA on AWS can support each recommended action in the NCSC’s guidance.

This blog post provides technical guidance for UK organisations to implement their landing zone in-line with guidance from the UK National Cyber Security Centre (NCSC) using the LZA. 

In this blog post, learn how Amazon Web Services (AWS) helps Government of Canada (GC) customers move workloads into production in the AWS Canadian Regions. This requires putting their workloads through the Security Assessment & Authorization (SA&A) process and can pose headwinds for GC customers developing applications to support digital modernization efforts.

With a growing focus on cybersecurity and available grant funding, many states are planning to protect state agencies, cities, counties, and schools. At the state and federal levels, programs are funded to support these efforts. State and local government (SLG) agencies now have procurement questions to ask and decisions to make to maximize governance and security, simplify vendor management, and accelerate the overall process within a heavily regulated procurement environment. Learn three important considerations for public sector procurement of cybersecurity solutions, as well as best practices from AWS for leveraging these new cybersecurity programs.

Many organizations within state and local government (SLG) and education must build digital environments and services that meet a variety of dynamic security and compliance considerations, such as StateRAMP and Federal Information Security Management Act (FISMA). Learn key top-level best practices from AWS for how to use AWS Security Services to meet the unique needs of education and SLG organizations.

Public sector organizations around the world share a common concern: how can they make sure their digital transformation maintains data security? The question comes up often when I meet with government leaders around the world in my role as a government transformation digital advisor at AWS. During my time in the UK Government’s Digital Service (GDS), and now in my work with government leaders, I’ve learned important lessons about transforming services securely in the cloud. Read on for some key takeaways.

At Amazon, we believe cybersecurity skills training and workforce development are essential to addressing cybersecurity challenges. Leading into Cybersecurity Awareness Month, Amazon hosted Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), for a roundtable with leaders across higher education, state and local government, and private industry to discuss ways to develop the cybersecurity workforce through skills training, partnerships between government and industry, and creating pathways to cybersecurity careers. Learn more about how Amazon supports cybersecurity training.

This post aims to provide a summary of all the currently disclosed Apache Log4j issues as well as important resources that Amazon Web Services (AWS) has released to help our customers and partners limit any risks posed by these issues.

State and local government (SLG) organizations need to reflect and refocus on cyber hygiene and continuous improvement of their security posture. Here are some best practices for SLG chief information security officers (CISOs) and IT professionals to consider in their cloud journey.

The Canadian Centre for Cyber Security (CCCS) added more AWS services to its assessment of the AWS Canada (Central) Region, bringing the total number of assessed AWS services to 120. This provides Canadian public sector customers additional confidence that AWS Cloud services meet the Government of Canada’s security control requirements. Using these services in conjunction with the deployment of the open source AWS Secure Environment Accelerator (ASEA) solution reduces cloud service configuration time from months to days.