At the recent AWS re:Inforce conference in Philadelphia, AWS CISO Chris Betz emphasized the importance of maintaining a culture focused on security as a top priority. He highlighted the dedication to security culture at AWS, led by CEO Matt Garman, where security leaders have the opportunity to meet with individual service teams to discuss important security topics. This dedication to security culture is crucial for Managed Service Providers (MSPs) as they increasingly become the front line in the fight against cybersecurity threats.
Betz stressed the significance of developing new habits within organizations to prioritize safety, stating that culture is key to designing systems that are secure by design. He mentioned that cultivating a security culture is an ongoing process that requires investment and begins with a motivated individual. Upon joining AWS, Betz noted that security was the primary focus, leading to the development of processes and mechanisms that exhibited consideration and maturity within the organization.
During the conference, AWS announced its intention to introduce multi-factor authentication (MFA) to users, with support for FIDO2 access keys. This initiative is aimed at helping customers meet their MFA requirements and enhance their default security posture. Mark Ryland, Amazon’s chief security officer, emphasized the desire to provide a more user-friendly and convenient form factor for users.
Additionally, AWS introduced support for FIDO2 access keys as an MFA method in order to align with customer requirements and strengthen default security posture. Arynn Crow, senior manager of user authentication products for AWS Identity, highlighted that customers can now utilize built-in authenticators on their devices to add cryptographically phishing-resistant credentials for authentication purposes.
Overall, the conference emphasized the importance of maintaining a security-focused culture within organizations and the significance of continually investing in security practices. Betz and other speakers underscored the need for organizations to prioritize security in their daily operations and empower individuals to embed security throughout the organization. By implementing measures like MFA and leveraging technologies such as FIDO2 access keys, organizations can enhance their security posture and better protect against evolving cybersecurity threats.
Article Source
https://www.channele2e.com/news/aws-reinforce-msps-should-focus-on-security-culture