Future of Cloud Security: Thoughts from AWS Public Sector Summit

The CIS team wrapped up a great week at AWS Public Sector Summit in Washington, DC. In addition to spreading the word about CIS at our booth on the busy expo floor we also participated in sessions. Read on to find out what we learned about the future of cloud security.

Charles DeVoe Jr. – Senior Device Engineer

There was a great deal of interest in the things we are doing with the data lake as well as machine learning (ML). In most of the presentations I attended, people were getting up and leaving before the end, but in these two presentations I did not see anyone leaving early. I see the cloud security industry moving towards ML and artificial intelligence (AI) as the amount of data we now gather is getting very large. The only way to leverage the data and gain insights is by using these methods.

Kudos to Brian Calkin, CTO at CIS, for doing an excellent job in his presentations with AWS!

Justin Burr – Device Engineering Manager

To expand on what Charlie said – Machine Learning and AI is definitely the future for cybersecurity and other sectors as the amount of data we’re dealing with continues to grow. One session I went to on Wednesday morning titled “Staff Retainment Beyond Salary: Steps to Skill, Empower, and be an Employer of Choice” was eye opening in this regard. One of the main takeaways from that session is that Cloud Technology in general and Machine Learning specifically are the two biggest areas where we see a skill and talent gap in the workforce. It was encouraging to see how AWS is engaging in education programs along with organizations like The College Board. For CIS I think it validates our community outreach efforts and might give some ideas on how we can expand that.

Rich McGraw – Account Executive, Cloud Security

At my first conference representing CIS I was amazed by positive feedback from organizations attending. Many individuals approached me to simply say “thank you” for everything that CIS does. I found individuals familiar with CIS are not necessarily aware we offer the CIS Hardened Images through AWS Marketplace. The conference was great to build awareness with cloud security influencers and end users.

I attended Brian Calkin’s data lake presentation. Brian did a great job featuring CIS capability while describing a complex technology challenge. The room was full and engaged throughout the talk.

While walking around the expo floor I saw a theme of “zero trust” within the identity management space. Tools for workload provisioning and automation continue to be popular discussions.

Overall it was a great experience.

Greg Carpenter – Product Owner, Cloud

To echo what Rich said, I always receive “Thank You” and positive feedback for everything that CIS does at the conferences, and this one was no different. In speaking with this group and the focus being on the public sector there were a lot of questions and discussion for me around the intelligence community (IC) market and what we offer there. I always find it helpful as a PO to have the opportunity to talk to people about CIS and the products we offer to get their feedback in order to improve and create new ones in areas they are needed.

At a Microsoft session the focus was on the increased Windows and MS SQL workloads AWS is seeing and projecting. It presented some great product ideas around Workspaces, Windows Server, and MS SQL running on EC2 instance outside of RDS.

After Brian’s session we saw a spike in the attendees that stopped by the booth and commented on his presentation (positively of course) along with wanting to continue the discussion and learn more about CIS.

Brian Calkin – Chief Technology Officer

Thanks for the kind words everyone, regarding my talks!

My biggest takeaway is that there is a huge desire for anything related to machine learning. It’s really become an important subject as organizations are generating more and more data, and are struggling with having enough resources (people) to analyze and make sense of it all.

I’ll also add that I’m always impressed with number of people who are not only familiar with the work of CIS, but have already (or are in the process of) implementing the CIS Controls and CIS Benchmarks.

It is definitely an event worth attending again in the future.

Watch Brian’s talk:

Laura MacGregor – Director of Marketing

AWS Public Sector Summit was a great event for CIS. We had a steady stream of traffic at our booth, and it wasn’t just for the free socks, although they were a big hit! Lots of folks were interested in learning more about CIS Controls V7.1 and Implementation Groups, a new way to prioritize the CIS Sub-Controls.

It’s always great to hear from people who are familiar with CIS and how they use our resources. We had some great conversations about cloud security in particular, and how CIS Hardened Images can provide added security in the cloud.

Joining forces for cloud security

CIS was mentioned in several sessions including VP of Worldwide Public Sector Teresa Carlson’s keynote. The new Authority to Operate (ATO) on AWS program accelerates security and compliance certifications and authorizations. CIS is a proud launch partner with this new AWS program. Learn more about CIS’ involvement with ATO on AWS.