Skip to main content

AWS CISO: Why our new Security Lake is a game-changer for the industry

The recent AWS re:Invent 2022 event in Las Vegas saw the cloud giant unveil a host of new releases across its technology portfolio, but this year, one of the biggest launches was about keeping data safe.

Amazon Security Lake is a new security-focused data lake service aimed at helping users get more out of their security information, looking to centralize all of an organization’s cloud and on-premise security data into a single location, and will make it easy for security teams to automatically collect, combine, and analyze it on a petabyte scale.

Speaking to TechRadar Pro at the event, CJ Moses, CISO and VP of security engineering, AWS, was perhaps unsurprisingly keen to highlight the importance of the launch, calling Security Lake "the cornerstone" of the company's security-themed announcements at the event.

Amazon Security Lake

"This is the big game-changer," he says. "There is nothing else like it in the industry - that’s why we had to build it...there are other data lakes, there’s other security data lakes, but they’re beholden to the analytics platform that’s providing - and that’s not how we roll."

Built on Amazon S3, the company says new analytics can be created, “in just a few clicks”, letting security teams drill down precisely into potential security threats.

"We wanted to be an open platform with an open schema that’s open source so that everyone can use it, regardless of providers or otherwise," Moses notes.

AWS re:Invent 2022 logo sign

(Image credit: Future / Mike Moore)

With security threats ever-present for many businesses, the responsibility of keeping such a large (and broad) customer base safe is an incredible load to bear.

However, Moses is not put off by the task, noting that AWS and its employees are used to working on a large scale, with a company culture based around fixing things:

“I don't look at it as a burden... if you're used to operating in a certain way, and doing certain things, you become accustomed to it”."

He notes that the threat landscape is increasingly turbulent, with the global geo-political situation and macro-economic worries making criminals increasingly desperate.

“When people aren’t able to put food on the table, they’ll do dire things," he notes, highlighting an uptick in threats on the internet as a whole.

"Everything that happens from a threat perspective, there's always a human behind the keyboard, and those humans have motivations - you have to look at those motivations, and determine what level of threat they are, and subsequently how much risk we carry from those actors."

"We're keeping bad things from happening to good people, not just across our cloud, but the entire environment."



Source: TechRadar

Popular posts from this blog

Code-generating tools could be more of a security hindrance than help

New research by a group of Stanford-affiliated researchers has uncovered that code-generating AI tools such as Github Copilot can present more security risks than many users may realize. The study looked specifically at Codex, a product of OpenAI, of which Elon Musk is among the co-founders.  Codex powers the Microsoft-owned GitHub Copilot platform, which is designed to make coding easier and more accessible by translating natural language into code and suggesting changes based on contextual evidence. AI-coding problems Lead co-author of the study, Neil Perry, explains that “code-generating systems are currently not a replacement for human developers”. The study asked 47 developers of differing abilities to use Codex for security-related problems, using Python, JavaScript and C programming languages. It concluded that the participants who relied on Codex were more likely to write insecure code compared with a control group. Read more > These are the best laptops for progr

Port of Lisbon hit by ransomware attack

One of Europe’s busiest seaports, the Port of Lisbon, has been hit with a ransomware attack that knocked some of its digital systems offline. "All safety protocols and response measures provided for this type of occurrence were quickly activated, the situation being monitored by the National Cybersecurity Center and the Judicial Police," a statement shared by the Port of Lisbon Administration (APL) with local media earlier this week said. The incident failed to impact the port’s operations, but did take its official website, portodelisboa.pt, offline. LockBit taking responsibility "The Port of Lisbon Administration is working permanently and closely with all competent entities in order to guarantee the security of the systems and respective data," the statement concludes. While the company doesn’t explicitly say it was targeted with ransomware, the LockBit ransomware operator has added APL to its leaks website, taking responsibility for the hit.  The databas

This new Linux malware floods machines with cryptominers and DDoS bots

Cybersecurity researchers have spotted a new Linux malware downloader that targets poorly defended Linux servers with cryptocurrency miners and DDoS IRC bots. Researchers from ASEC discovered the attack after the Shell Script Compiler (SHC) used to create the downloader was uploaded to VirusTotal. Apparently, Korean users were the ones uploading the SHC, and it’s Korean users who are targets, as well. Further analysis has shown that the threat actors are going after poorly defended Linux servers, brute-forcing their way into administrator accounts over SSH.  Mining Monero Once they make their way in, they’ll either install a cryptocurrency miner, or a DDoS IRC bot. The miner being deployed is XMRig, arguably the most popular cryptocurrency miner among hackers. It uses the computing power of a victim's endpoints to generate Monero, a privacy-oriented cryptocurrency whose transactions are seemingly impossible to track, and whose users are allegedly impossible to identify. Fo

Twitter has hidden the chronological feed on iOS again – and I'm furious

In a controversial move, Twitter has brought back a feature that removes the 'Latest Tweets' view for users on iOS, which is something that many users, including me, hated back in March 2022 – and it's now rolling out. The first time the company decided to do this, 'Home' would appear first in a tab at the top, and there was no way of changing it so that 'Latest Tweets' would be the default view. It was reverted back after the company said it was a 'bug' for iOS users. This time though, it's no bug. Instead, it's 'For You' and 'Following' where you can only swipe between them now, which doesn't make much sense for a platform where you're using the platform to keep up to date with who you follow. It's a bizarre change that makes me ask – who wants this, especially during a time when its new owner, Elon Musk, is bringing in and reversing changes almost every week still? This one change will have big consequenc