“Taking Control of your Half of the Shared Responsibility Model with AWS’ Native Security Tools” – Ryan Smith, Product Owner at Armor // @ryancsmith2222
Ryan Smith's talk from the AWS Chicago user group May 22 - Security
1. CONFIDENTIAL DO NOT DISTRIBUTE
TAKING CONTROL OF YOUR SHARED RESPONSIBILITY WITH AWS NATIVE SECURITY TOOLS
RYAN SMITH, Product Owner
@RYANCSMITH222
MAY 22, 2017
2. Agenda
01 Security in AWS 101
02 Overview of the Tools
03 AWS Security in Action
4. 2017 Cyber Security Challenges
40%: INCREASE IN HACKS 2015-2016 (https://www.bloomberg.com/news/articles/2017-01-19/data-breaches-hit-record-in-2016-as-dnc-wendy-s-co-hacked)
3.8M: RECORD BREACHES. 910BN record breaches in the last 10 years.
$4M: AVERAGE COST OF DATA BREACH, per Ponemon Institute. Cost of Breaches: http://www-03.ibm.com/security/data-breach/
$355: AVERAGE HEALTHCARE LOSS. Healthcare companies lose an average of $355 per each stolen record.
>70%: COMPLIANCE IMPACT. Of the large organizations that were breached, over 70% were deemed to be “compliant” while the breach occurred.
99 Days: Dwell. “Sophisticated intelligence integration, automation, and threat hunting should be the end-state goal for organizations facing significant business risks and exposure to cyber attacks.” Per Mandiant M-Trends 2017 report.
5. Security in AWS is a Shared Responsibility
https://aws.amazon.com/compliance/shared-responsibility-model/
95% OF CLOUD SECURITY FAILURES THROUGH 2020 WILL BE THE CUSTOMER’S FAULT.
Top Strategic Predictions for 2016 and Beyond – Gartner 2016 (http://www.gartner.com/newsroom/id/3143718)
That means the biggest threat to your cloud is “you don’t know what you don’t know.”
6. Models of Security
There are 3 general models of security that are good to follow in AWS:
Non-Repudiation – you should never be able to deny that you did something in a cloud environment.
AAA Model – Authentication checks IAM for login user roles; Authorization is the set of permissions granted to your IAM roles; Accounting is the audit trail of activity in the platform – this is CloudTrail.
CIA Framework/Triad Model – Confidentiality (data encryption, IAM, 2FA). Availability (redundancy, HA clusters, availability zones). Integrity (file permissions, version and access control, checksums, certificate managers, encryption, etc.).
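The AAA breakdown above maps directly onto what a CloudTrail record carries: `userIdentity` is the authentication result, an `errorCode` such as `AccessDenied` is IAM refusing authorization, and the record as a whole is the accounting entry that makes an action non-repudiable. The following Python is an added example, not material from the talk or an Armor tool: it parses three constructed CloudTrail-style records (the principals, IP addresses, event IDs and the documentation placeholder account ID 123456789012 are all invented) and pulls out the who/what/when/where a reviewer needs, flagging denied calls and mutating calls made without MFA in the session. The read-only prefix list and the denial error-code set are assumptions chosen for the example, not an official AWS classification.

```python
"""Map CloudTrail records onto the AAA model and produce a non-repudiation view.

Added example: the records below are constructed for illustration, not real log
data. Field names follow the CloudTrail record format; account 123456789012 is
the AWS documentation placeholder.
"""
import json
from collections import Counter

# Constructed sample trail: three calls made by three different principals.
SAMPLE_TRAIL = json.dumps({"Records": [
    {   # IAM user in an MFA-authenticated console session launching an instance
        "eventTime": "2017-05-22T14:01:10Z", "eventSource": "ec2.amazonaws.com",
        "eventName": "RunInstances", "awsRegion": "us-east-1",
        "sourceIPAddress": "203.0.113.10",
        "eventID": "00000000-0000-4000-8000-000000000001",
        "userIdentity": {
            "type": "IAMUser", "principalId": "AIDAEXAMPLEALICE",
            "arn": "arn:aws:iam::123456789012:user/alice",
            "accountId": "123456789012", "userName": "alice",
            "sessionContext": {"attributes": {"mfaAuthenticated": "true"}}},
    },
    {   # Assumed role (a deploy job) rewriting a bucket policy, no MFA in the session
        "eventTime": "2017-05-22T14:05:42Z", "eventSource": "s3.amazonaws.com",
        "eventName": "PutBucketPolicy", "awsRegion": "us-east-1",
        "sourceIPAddress": "198.51.100.7",
        "eventID": "00000000-0000-4000-8000-000000000002",
        "userIdentity": {
            "type": "AssumedRole", "principalId": "AROAEXAMPLEDEPLOY:bob",
            "arn": "arn:aws:sts::123456789012:assumed-role/deploy/bob",
            "accountId": "123456789012",
            "sessionContext": {"attributes": {"mfaAuthenticated": "false"}}},
    },
    {   # IAM user whose call IAM refused: authorization failed, accounting still records it
        "eventTime": "2017-05-22T14:09:03Z", "eventSource": "iam.amazonaws.com",
        "eventName": "DeleteUser", "awsRegion": "us-east-1",
        "sourceIPAddress": "192.0.2.44",
        "eventID": "00000000-0000-4000-8000-000000000003",
        "errorCode": "AccessDenied",
        "errorMessage": "User: arn:aws:iam::123456789012:user/carol is not authorized "
                        "to perform: iam:DeleteUser",
        "userIdentity": {
            "type": "IAMUser", "principalId": "AIDAEXAMPLECAROL",
            "arn": "arn:aws:iam::123456789012:user/carol",
            "accountId": "123456789012", "userName": "carol"},
    },
]})

# Assumptions for this example: which error codes count as an IAM denial, and
# which API name prefixes are treated as read-only.
DENIAL_CODES = {"AccessDenied", "UnauthorizedOperation", "Client.UnauthorizedOperation"}
READ_ONLY_PREFIXES = ("Describe", "Get", "List", "Head")


def load_records(trail_json: str) -> list:
    return json.loads(trail_json)["Records"]


def who(record: dict) -> str:
    """Authentication: the principal the call was authenticated as (user or role-session ARN)."""
    ident = record.get("userIdentity", {})
    return ident.get("arn") or ident.get("userName") or ident.get("type", "unknown")


def mfa_used(record: dict) -> bool:
    """True only when the session context says MFA was presented.
    Direct access-key calls carry no sessionContext, so they count as no MFA."""
    attrs = record.get("userIdentity", {}).get("sessionContext", {}).get("attributes", {})
    return str(attrs.get("mfaAuthenticated", "false")).lower() == "true"


def authorized(record: dict) -> bool:
    """Authorization: IAM allowed the call unless the record carries a denial error code."""
    return record.get("errorCode") not in DENIAL_CODES


def attribute(record: dict) -> dict:
    """Accounting: the who/what/when/where that ties an action to a principal."""
    return {
        "when": record["eventTime"],
        "who": who(record),
        "what": f'{record["eventSource"]}:{record["eventName"]}',
        "from": record.get("sourceIPAddress"),
        "mfa": mfa_used(record),
        "authorized": authorized(record),
        "event_id": record["eventID"],
    }


def review(trail_json: str) -> dict:
    """Attribute every record, then pull out denied calls and successful
    mutating calls made without MFA; both deserve a second look."""
    entries = [attribute(r) for r in load_records(trail_json)]
    denied = [e for e in entries if not e["authorized"]]
    no_mfa_mutations = [
        e for e in entries
        if e["authorized"] and not e["mfa"]
        and not e["what"].split(":", 1)[1].startswith(READ_ONLY_PREFIXES)
    ]
    return {
        "entries": entries,
        "denied": denied,
        "no_mfa_mutations": no_mfa_mutations,
        "calls_by_principal": dict(Counter(e["who"] for e in entries)),
    }


if __name__ == "__main__":
    result = review(SAMPLE_TRAIL)
    for e in result["entries"]:
        print(f'{e["when"]} {e["who"]} {e["what"]} from {e["from"]} '
              f'mfa={e["mfa"]} authorized={e["authorized"]}')
    print("denied:", [e["event_id"] for e in result["denied"]])
    print("mutations without MFA:", [e["event_id"] for e in result["no_mfa_mutations"]])
```

Run it as-is and it lists all three calls with their principal and source IP, reports carol's refused `DeleteUser` under denied, and reports the deploy role's `PutBucketPolicy` as a mutation made without MFA. The point of the `sessionContext` check is that a trail only gives you non-repudiation when it tells you how strongly the principal was authenticated; a record with no MFA attribute is weaker evidence of who was really at the keyboard.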
7. Trends in How AWS Does Security
There are a couple of trends in how AWS is approaching security:
Security is at the Forefront – look at how big the security category is in their tooling; the announcement of Amazon GuardDuty at re:Invent, and of AWS Firewall Manager and AWS Secrets Manager at the SF Summit this year, point to AWS seeing security as a market driver and differentiator.
Security in the Model of the Cloud – AWS will focus on services that are simple to enable, deploy, and build into your consumption billing constructs.
Tools will Remain Frameworks – they will look at security and compliance problems as infrastructure-as-code solutions. Developers, partners, and customers will be able to use these infrastructure-as-code frameworks to have security-as-code and compliance-as-code.