Cloud used to be a hard sell to chief security officers. Now vendors like Amazon Web Services Inc. are bringing them around. Cloud can, in fact, strengthen data security and elevate CSOs from infrastructure to higher code and development levels, according to Bill Shinn (pictured), principal security solutions architect at AWS.

“You have DevOps and now you have DevSecOps,” Shinn said. DevSecOps enables security teams to operate with greater agility, he added. Once cloud abstracts away infrastructure plumbing and patching, they can move onto more advanced security tasks.

“They can focus more on their code quality, more on engineering principals,” Shinn stated.

Shinn spoke with Stu Miniman (@stu) and John Walls (@JohnWalls21), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during today’s AWS Summit in New York City. (* Disclosure below.)

AWS made several security announcements at the even. To start, Amazon Macie classifies data objects in AWS S3 storage with machine learning algorithms. “It has a very differentiated classification engine,” Shinn said. Topic modeling, regular expressions and a variety of other tools help identify data.

Is Macie AWS’s answer to Europe’s General Data Protection Regulation, which goes live next May? “If you’re moving data by European citizens around, you really have to understand that data. I think Macie will be a big part of a lot of customers’ strategy on GDPR,” Shinn said.

AWS also released Elastic File System Encryption that natively integrates with key management systems.

And, in response to customer demand, the company has issued a new iteration of CloudHSM — managed hardware security module. This allows customers to use their own encryption keys on the AWS cloud. The latest version features greater integration with other services and automation.

Engineers and CSOs switch hats

Automation such as that introduced in CloudHSM and other AWS services can advance customers deeper into DevSecOps, according to Shinn. AWS is increasingly talking with security organizations about DevOps tool chains, he added.

“If security can get those fast engineering principals down, then they’re just as responsive. It also puts security in the hands of engineers and developers,” Shinn concluded.

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of AWS Summit. (* Disclosure: TheCUBE is an unpaid media partner for AWS Summit. Neither Amazon Web Services Inc. nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE