For a direct link to the detailed correlation between the CISA guidelines and AWS security controls, check out our Github page. This article discusses the implementation of CISA’s enhanced visibility and hardening recommendations for communications infrastructure, especially in light of recent cyber incidents attributed to entities from the People’s Republic of China.
In other news, we are excited to share that the 2024 PiTuKri ISAE 3000 Type II attestation report is now available, encompassing 179 services. The Finnish Transport and Communications Agency (Traficom) Cyber Security Centre has published PiTuKri, which outlines 52 criteria across 11 domains to guide organizations in maintaining robust security.
Additionally, AWS is proud to announce the issuance of the 2024 FINMA ISAE 3000 Type II attestation report, also covering 179 services. The Swiss Financial Market Supervisory Authority (FINMA) has established requirements for engaging with outsourced services, aimed at enhancing compliance for regulated financial services providers in Switzerland.
We are also renewing our commitment to security with the Multi-Tier Cloud Security (MTCS) Level 3 certification under the SS584:2020 standard. This certification was renewed in December 2024 for multiple AWS regions, excluding AWS GovCloud (US) Regions, highlighting our dedication to upholding high security standards in the cloud.
Furthermore, learn how AWS Network Firewall session state replication can enhance high availability for your application traffic. This managed, stateful network firewall provides fine-grained control over traffic, ensuring robust security measures.
In the second part of a series, we will delve into effective data authorization mechanisms to secure sensitive information used in generative AI applications. The previous installment discussed the risks associated with using sensitive data in non-deterministic large language models (LLMs), offering strategies for mitigation with Amazon Bedrock Agents.
Finally, Amazon Redshift is improving its security posture by modifying default settings for new clusters and workgroups. These changes are part of our ongoing commitment to safeguarding customer data.
For a technical guide, see our article on deploying an Amazon OpenSearch cluster to ingest logs from Amazon Security Lake, updated to enhance clarity and compatibility with OCSF 1.1. This is crucial for organizations needing to streamline log sources across their AWS environments.
For insights on aligning with the NIST Cybersecurity Framework in the AWS Cloud, refer to our newly updated whitepaper, a must-read for compliance professionals. You can find additional resources in this excellent Reddit thread.
Amazon IXD – VGT2
6401 E Howdy Wells Ave, Las Vegas, NV 89115
Leave a Reply