At Amazon, we believe cybersecurity skills training and workforce development are essential to addressing cybersecurity challenges. Leading into Cybersecurity Awareness Month, Amazon hosted Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), for a roundtable with leaders across higher education, state and local government, and private industry to discuss ways to develop the cybersecurity workforce through skills training, partnerships between government and industry, and creating pathways to cybersecurity careers. Learn more about how Amazon supports cybersecurity training.
Federal Information Processing Standard (FIPS) 140-2 specifies the security requirements for cryptographic modules that protect sensitive information. It is the current United States and Canadian government standard, and is applicable to systems that are required to be compliant with Federal Information Security Management Act (FISMA) or Federal Risk and Authorization Management Program (FedRAMP). In this blog, we demonstrate how to enable FIPS mode in Amazon Linux 2 and verify that unauthorized cryptographic functions are not being used in OpenSSL or the OpenSSH server.
The AWS Quick Start for the Health Insurance Portability and Accountability Act (HIPAA) automates the deployment of a compliant AWS Cloud environment for healthcare workloads in just a few clicks. It builds a repeatable and auditable cloud reference architecture that addresses the 52 statutes of HIPAA Phase 1 and the 180 statutes of HIPAA Phase […]
The deadline to implement National Institute of Standards and Technology (NIST) Special Publication 800-171 is fast approaching. Beginning in January 2018, you may miss out on government funding that stipulates its implementation if you have not taken action. In 2015, NIST published Special Publication (SP) 800-171 – Protecting Controlled Unclassified Information in Non-federal Information Systems […]
Amazon is collaborating with teams participating in the Global City Teams Challenge (GCTC) – a program led by the National Institute of Standards and Technology’s (NIST), a non-regulatory agency of the United States Department of Commerce – to allow global cities access to smart city solutions directly from AWS. GCTC helps communities partner with innovators […]
National Institute of Standards and Technology (NIST) Special Publication 800-53 offers a comprehensive set of information security controls. The current version, revision 4, contains nearly one thousand controls spread across 19 different controls families. NIST 800-53 rev 5 is scheduled to be released in 2017 (initial public draft anticipated in late June 2017) with updates […]
Take the steps to deploy security-focused baseline environments on the AWS Cloud in this Quick Start demo. This Quick Start deploys a standardized environment that helps organizations with workloads that fall in scope for any of the following: National Institute of Standards and Technology (NIST) SP 800-53 (Revision 4) NIST SP 800-171 The OMB Trusted […]
We held our first NIST Workshop, titled “Architecting for FedRAMP High and NIST Workloads in AWS GovCloud (US),” where customers gained hands-on experience with our AWS Quick Start tools, learned how to automate compliance in AWS GovCloud (US), and discovered partner solutions from Telos and Trend Micro. Through workshops and other AWS resources, you can […]