A risk-based cybersecurity approach prioritizes threats based on their likelihood and impact. The goal is to shift security from a reactive checklist to a proactive driver of resilience, efficiency and business growth.
Amazon Web Services Inc. follows this approach to improve its security return on investment and increase resilience against evolving threats, according to Clarke Rodgers (pictured), office of the chief information security officer for AWS Security at AWS.
“We have to take a risk-based approach to what line of business we’re in, what industry we’re in, knowing our threat models, all that good stuff,” Rodgers said. “Then be a reasonable human being and say, ‘Here’s what we have to do. Let’s all work together to make sure we do that. Then, let’s give a little bit of reins, controlled reins, for people to experiment and do what they need to do for the business.’”
Rodgers spoke with theCUBE’s Dave Vellante and Rebecca Knight at Fal.Con, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed the role of a risk-based cybersecurity approach and AWS’s use of this strategy. (* Disclosure below.)
How AWS applies its risk-based cybersecurity approach with CrowdStrike
To operationalize its risk-based cybersecurity approach, AWS partners with CrowdStrike Holdings Inc. to strengthen endpoint protection. At the same time, Amazon GuardDuty functions like a smart security watchtower, scanning AWS environments for potential threats, according to Rodgers.
“AWS has two areas that we play in,” he said. “We have security of the cloud, which is everything we do at AWS to make sure it’s the most secure cloud provider. On top of that, we also offer services that customers can use to make their environments a level of security that they need to have for their desires … GuardDuty or Security Hub, Inspector, all of these wonderful tools. Our tools don’t do everything, however, and that’s where there are areas for great partners like CrowdStrike to come in; they have their endpoint solutions.”
Embedding artificial intelligence and automation into security and deployment pipelines allows organizations to protect applications while accelerating feature releases. Amazon Bedrock Guardrails enhance developer efficiency with configurable safeguards that help streamline the development of responsible, compliant generative AI applications, according to Rodgers.
“If the security team can make that developer more effective, meaning automate some of the checks, give them hardened images, experiment with AI … they can move faster because those guardrails are in place,” he said. “We recently announced Bedrock Guardrails or Guardrails for Bedrock. It’s a security and functionality combo that allows the business to actually move faster and make the business leaders … make quicker decisions.”
(* Disclosure: TheCUBE is a paid media partner for Fal.Con. Neither Amazon Web Services Inc., the sponsor of theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)
Photo: SiliconANGLE