An expanding number of cloud services, including instances, infrastructure and small applications have added a note of urgency to enterprise security, and this will demand new approaches.

This was one of the clear takeaways from the keynote session at AWS re:Inforce, cloud giant Amazon Web Services Inc.’s security event in Boston today.

“There is no perimeter; the perimeter is dead,” said John Furrier (pictured, right), industry analyst for theCUBE, SiliconANGLE Media’s livestreaming studio. “The ‘new perimeter’ is every transaction at scale. You have to have a new model, and security posture needs to be rethought. They said that directly in the keynote.”

Furrier spoke with theCUBE industry analyst Dave Vellante (pictured, left) at AWS re:Inforce, during an exclusive keynote analysis broadcast on theCUBE. They discussed central themes from the keynote presentations during Day 1 at re:Inforce. (* Disclosure below.)

Areas of primary focus

Keynote speakers at AWS re:Inforce identified primary areas of focus for security, including data protection and privacy, governance, risk and compliance, identity network security, and threat detection. Yet the analysts were surprised at two specific areas not highlighted during the opening session.

“I was really surprised, given the focus on developers, they didn’t call out container security,” Vellante noted. “I also thought we’d hear more about ransomware. You must have air gaps if you want to cover yourself against ransomware, and they didn’t even mention that. It was kind of surprising.”

Because of its size and business volume, Amazon is a major target for hackers. The company’s chief security officer, Steven Schmidt, highlighted the staggering number of attacks the retail and cloud giant must deal with on a monthly basis.

“Schmidt talked about quadrillions of events every month, quadrillion is 15 zeroes,” Vellante said. “It’s amazing. Amazon has a scale where they’ll see events every day or every month that you might not see in a generation if you were running your own data center.”

Call for layered defense

Schmidt also issued a call to action for industrywide enablement of multifactor authentication as a defense against attacks. MFA is considered to be an effective way to combat threats by adding an extra layer of security to existing protections.

“Layered defense strategy was his core theme,” Furrier said. “He said don’t rely on single security control; use multiple layers.”

The AWS re:Inforce keynote session also included a presentation on the firm’s automated reasoning initiative, a project that automates proof search in mathematical logic and creates tools for use by customers based on provable security.

“If you have a large observation space like AWS, you can really put some killer computer science technology on this,” Furrier said. “That’s where this reasoning is; it’s next level stuff. It’s a part of AI that no one has tapped.”

The conference comes at a time when enterprise compute spending has marginally slowed in the face of post-pandemic economic uncertainty and continued worries about inflation.

“For budgets coming into this year, it was expected they would grow a very robust 8.5%,” Vellante said. “CIOs have turned that down, but it’s still pretty strong around 6%, and one of the areas that they really have no choice but to focus on is security. People are prioritizing cybersecurity, but it’s not an unlimited budget.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the AWS re:Inforce event:

(* Disclosure: This is an unsponsored editorial segment. However, theCUBE is a paid media partner for AWS re:Inforce. AWS and other sponsors of theCUBE’s event coverage have no editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE