Minimize Cloud Risk at AWS Public Sector Summit 2019 with Amazon and CIS

Security and cloud experts from the CIS team are heading to Washington, DC on June 11-12 for AWS Public Sector Summit.

istock 954764292
Natali_Mis

Security and cloud experts from the CIS team are heading to Washington, DC on June 11-12 for AWS Public Sector Summit. We’ll be sharing information about CIS Benchmarks, CIS Hardened Images, and how our partnership with AWS helps with the Shared Responsibility Model. If your organization is working in the cloud or moving between cloud and on-premises infrastructure, this event is for you. Sessions at AWS PSS will help your organization implement security best practices to limit threats in the cloud. You'll discover how to defend against cyber-attacks while meeting compliance in cloud environments. Learn how to accelerate your time to conformance with various security standards and more at AWS PSS. 

AWS Public Sector Summit is a two-day gathering of over 13,000 skilled professionals with a passion for working in the cloud. There will be 100+ exhibitors and more than 160 sessions and workshops; giving attendees the opportunity to take their cloud security to the next level. AWS PSS also offers attendees the chance to meet the innovators involved with enhancing cloud offerings. You’ll also be able to join CIS at our booth. 

What's your cloud configuration?

Cloud security is essential as organizations leverage modern data infrastructures for greater efficiencies. Just like traditional data centers, hybrid and fully-cloud enabled environments need to be secured from cyber threats. Security in the cloud is a shared responsibility between your organization and any vendors providing cloud services, like AWS. Depending on provider(s) and set-up, your organization may be responsible for security tasks such as configuration management or installing regular updates. Other cybersecurity functions may be handled by the vendor, so check carefully and make sure you identify all responsibilities to minimize risk

When our organization was faced with over 1 terabyte of log analysis each day, we worked with AWS to find a flexible, secure solution as highlighted in the session below. 

Featured Session: Cyber Data Lake: How the Center for Internet Security Analyzes Billions of Network Traffic Records Per Day

SpeakerBrian Calkin, Chief Technology Officer

When: Tuesday, June 11 | 9:00 AM - 09:50 AM | Room 202A

At CIS, we needed analysis that could keep up with more than 10 billion network traffic logs for daily analysis. Hear from CIS Chief Technology Officer Brian Calkin and learn how we worked jointly with Amazon Professional Services to develop an architecture that uses native AWS to build a scalable, cost-effective system. This new architecture cuts down ingestion, enrichment, and access of data from a couple of days to a couple of minutes, allowing CIS to answer security inquiries more effectively. 

Compliance from the start

Public sector organizations often deal with multiple compliance requirements and regulatory frameworks. One way to help meet compliance for PCI DSS, FedRAMP, and other regulations is to implement CIS Hardened Images. CIS Hardened Images are pre-configured to meet CIS Benchmark configuration guidelines.  They're a simple solution to a complex problem, and they're part of AWS' vision for compliance in the cloud. CIS Hardened Images are available for operating systems and cloud container images to help your organization start secure and stay secure. 

Authority to Operate on AWS: Compliance as Code

Speaker: Tim Sandage, AWS

When: Tuesday, June 11 | 4:00 PM - 04:50 PM | Ballroom Stage A

CIS has been working with AWS and other cloud security partners to help public sector organizations on their path to compliance. In this session, you'll discover how your organization can leverage cloud automation to build compliant environments and meet regulatory frameworks. Learn more about this exciting way to accelerate your time to compliance.

Test your cloud security knowledge

GDPR, HIPAA, SOX - how can you tell if software meets these standards? Can your IT team minimize risk surface while applying security standards? Does your organization deploy a hybrid environment, or are your data and systems fully cloud-enabled? Come to this session to test your skills and walk out better prepared to spot resources that can truly help you on the path to compliance. 

Accreditation of Commercial Software, Myths and Methods

Speaker: Tim Sandage, AWS

When: Wednesday, June 12 | 2:30 PM - 03:20 PM | Room 207B

Working in the cloud is a hot topic. Can you tell what cloud information is “fake news?” Join our friend Tim Sandage from AWS in a fun, interactive way to break some common misconceptions about cloud security. Demystify risk and compliance for cloud infrastructure. Hint: you’ll learn a little bit about CIS in this session!

Chat with CIS - and more 

Just getting started with CIS Benchmarks and want to learn more about cloud security and compliance with other frameworks? Already using them and want to learn how to take your secure configuration to the next level? Stop by to chat with us at Booth 817B on June 11 to learn about:

  • How the CIS Controls and CIS Benchmarks are created by a global community of IT experts. These free resources can help your organization work toward compliance with common cybersecurity frameworks like FedRAMP, DoD CC SRG, PCI DSS, and more.
  • The free CIS AWS Foundations Benchmark, a resource to help securely configure your AWS environment as part of your Shared Security Responsibility.
  • How our unique consensus-development process leads to vendor agnostic security standards.

Don't wait until after the event to harden your cloud configuration. CIS Hardened Images help your organization speed policy to implementation with proven security best practices baked in. These preconfigured virtual machines of popular OS and cloud container images are hardened according to the security recommendations of the CIS Benchmarks. Each CIS Hardened Image comes with a conformance report displaying each CIS Benchmark recommendation applied, along with any which were not applied due to cloud restrictions. CIS Hardened Images offer all the flexibility and scaling power of the cloud while limiting configuration risks. 

 Learn more about CIS Hardened Images on AWS

Related: