Security evolution: Amazon’s bold move toward company-wide unified protection
In the midst of sweeping changes being driven by cloud and artificial intelligence innovation, the need for equally novel cybersecurity approaches is an equal counterbalance.
As new avenues open up for malicious actors to penetrate corporate infrastructures, Amazon Web Services Inc. is doubling down on a unified company-wide security approach for clear oversight and streamlined operations.
“Historically, we cared about security across the company, of course, and we had separate teams that handled different lines of business,” said Eric Brandwine (pictured), vice president and distinguished engineer at AWS.”But with Steve Schmidt taking this new role as chief security officer for the first time, we have one security team that covers the entire company. We have to make sure that as we move forward and appropriately centralize and consolidate our efforts, we enable each of those business line CISOs and each of those security teams to continue delighting their service teams [and] delight their customers.”
Brandwine spoke with theCUBE industry analyst John Furrier at the “Supercloud 5: The Battle for AI Supremacy” event, during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed AWS’ strategic shift in security in the burgeoning realm of generative AI.
Reinventing security at the top level
The AWS update is a seismic shift in the company’s security paradigm. With Schmidt assuming the role of chief security officer for Amazon, a unified security team now oversees the entire company. This consolidation aims to maintain the competence of individual security teams while fostering a centralized approach.
“There’s a CISO for every major line of business,” Brandwine said. “For example, we’ve got a CISO for the digital business, we’ve got a CISO for the consumer business, and we’ve got a CISO for the AWS business of course. But then there’s a number of other security teams that are smaller and embedded with other parts of the business. For example, we have a security team on Kuiper.”
Amazon’s Project Kuiper is an initiative aimed at facilitating broadband access via a satellite network in low Earth orbit. Such an initiative reflects the diversity within Amazon’s portfolio, encompassing retail, movies, studios, AWS, Twitch and more. Kuiper, in particular, is an example in tailoring security measures to unique concerns, as it requires specialized considerations due to International Traffic in Arms Regulations restrictions, Brandwine noted.
“[If] you’re going to be launching satellites into space, there’s a whole different set of concerns,” he explained. “Once they’re in orbit, they’re gone — you can’t touch them. You have to be able to do software updates securely. All of that stuff is ITAR-restricted, and so there’s a whole new layer of security controls that you have to put onto everything starting from your development processes.”
As with any system, the AWS security approach isn’t without its challenges. Chief among them is information sharing across diverse teams. The goal is to strike a balance, leveraging the wealth of perspectives across the organization while addressing the cost-to-serve concerns. Automation, centralization, and structured tools emerged as key strategies to empower service teams securely and cost-effectively, according to Brandwine.
Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s coverage of the “Supercloud 5: The Battle for AI Supremacy” event:
Photo: SiliconANGLE
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU