In the midst of sweeping changes being driven by cloud and artificial intelligence innovation, the need for equally novel cybersecurity approaches is an equal counterbalance.

As new avenues open up for malicious actors to penetrate corporate infrastructures, Amazon Web Services Inc. is doubling down on a unified company-wide security approach for clear oversight and streamlined operations.

“Historically, we cared about security across the company, of course, and we had separate teams that handled different lines of business,” said Eric Brandwine (pictured), vice president and distinguished engineer at AWS.”But with Steve Schmidt taking this new role as chief security officer for the first time, we have one security team that covers the entire company. We have to make sure that as we move forward and appropriately centralize and consolidate our efforts, we enable each of those business line CISOs and each of those security teams to continue delighting their service teams [and] delight their customers.”

Brandwine spoke with theCUBE industry analyst John Furrier at the “Supercloud 5: The Battle for AI Supremacy” event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed AWS’ strategic shift in security in the burgeoning realm of generative AI.

Reinventing security at the top level

The AWS update is a seismic shift in the company’s security paradigm. With Schmidt assuming the role of chief security officer for Amazon, a unified security team now oversees the entire company. This consolidation aims to maintain the competence of individual security teams while fostering a centralized approach.

“There’s a CISO for every major line of business,” Brandwine said. “For example, we’ve got a CISO for the digital business, we’ve got a CISO for the consumer business, and we’ve got a CISO for the AWS business of course. But then there’s a number of other security teams that are smaller and embedded with other parts of the business. For example, we have a security team on Kuiper.”

Amazon’s Project Kuiper is an initiative aimed at facilitating broadband access via a satellite network in low Earth orbit. Such an initiative reflects the diversity within Amazon’s portfolio, encompassing retail, movies, studios, AWS, Twitch and more. Kuiper, in particular, is an example in tailoring security measures to unique concerns, as it requires specialized considerations due to International Traffic in Arms Regulations restrictions, Brandwine noted.

“[If] you’re going to be launching satellites into space, there’s a whole different set of concerns,” he explained. “Once they’re in orbit, they’re gone — you can’t touch them. You have to be able to do software updates securely. All of that stuff is ITAR-restricted, and so there’s a whole new layer of security controls that you have to put onto everything starting from your development processes.”

As with any system, the AWS security approach isn’t without its challenges. Chief among them is information sharing across diverse teams. The goal is to strike a balance, leveraging the wealth of perspectives across the organization while addressing the cost-to-serve concerns. Automation, centralization, and structured tools emerged as key strategies to empower service teams securely and cost-effectively, according to Brandwine.

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the “Supercloud 5: The Battle for AI Supremacy” event:

Photo: SiliconANGLE