Join CIS at the 2022 AWS Summit in Washington, D.C.

The Center for Internet Security (CIS) is excited to sponsor and attend the 2022 Amazon Web Services (AWS) Summit Washington, D.C. at Booth 520. The event takes place at the Walter E. Washington Convention Center on May 23-25.

Registration is complimentary for this Summit.

Overview of the 2022 AWS Summit Washington, D.C.

At the event, attendees will hear from experts, peers, and public sector organizations that have migrated to AWS about modernizing their infrastructure. This year, the Summit also includes an industry pre-day, with content and activities dedicated to the federal government, healthcare, and startup organizations.

Why CIS Is Sponsoring and Attending This Event

CIS is sponsoring and attending the AWS Summit Washington, D.C. for several reasons. First, as the home of the Multi-State and Elections Infrastructure Information Sharing and Analysis Centers (MS-ISAC and EI-ISAC), we recognize the need to help U.S. State, Local, Tribal, and Territorial (SLTT) government organizations with their cybersecurity efforts. SLTTs operate closely with the citizens that they serve. This puts them in a position to better understand their constituents' needs and fulfill them in a timely manner, such as when a natural disaster strikes.

SLTTs are also responsible for delivering and maintaining water, transportation, and other critical services that help their citizens live their everyday lives. The issue is that many SLTTs' cybersecurity programs are under-resourced and under-supported. On their own, these government organizations often lack the funds and capabilities they need to maintain their cybersecurity.

CIS also manages the communities that build and maintain the CIS Benchmarks. The CIS Benchmarks are prescriptive guidance to safeguard systems against common cyber threats. CIS builds a subset of the CIS Benchmarks for Microsoft Windows and Linux operating systems along with Defense Information Systems Agency Security Technical Implementation Guides (DISA STIGs) requirements.

These resources don't just save organizations time and money when trying to achieve with DISA STIG compliance. They hey also help them understand what steps we're recommending and why we're recommending them. They do this by breaking down their security recommendations into the following components:

  • Rationale Statement – The specific reasoning a recommendation is being made
  • Audit Procedure – Step-by-step instructions for determining if the target system is in compliance
  • Remediation Procedure – Step-by-step instructions for applying a recommendation to the target to bring it into compliance
  • Impact Statement – Any non-obvious adverse security, functionality, or operational consequences that could arise

Along these same lines, CIS offers the CIS Hardened Images, pre-hardened virtual machine images (VMs) built to CIS STIG Benchmarks which are available in AWS Marketplace. Organizations can use these resources to help comply with STIG requirements in the cloud.

Attend This 2022 AWS Summit Washington, D.C. Session

Expo Session | Ease the DISA STIG Compliance Journey with CIS Resources

Location and Date: Expo Theater 2, May 24th at 10:00 AM EDT

Organizations large and small, and public and private, find themselves in a position where they need to comply with multiple cybersecurity regulatory and legal frameworks, including the STIGs. Fulfilling all of these compliance obligations can be a challenge, especially for organizations that work in a regulated industry.

To help organizations with their compliance programs, CIS offers certain CIS Benchmarks and CIS Hardened Images that map to the STIGs. Mia LaVada, CIS Product Owner of CIS Benchmarks and Cloud, will discuss these CIS STIG resources and highlight how organizations can use them to secure their assets wherever they're located.

Preparing for the 2022 AWS Summit Washington, D.C.

The 2022 AWS Summit Washington, D.C., is a great place to learn from the CIS team about the latest cybersecurity resources that can help your organization. Prior to the event, you can read more about CIS's cloud security resources for STIG compliance. You can also familiarize yourself with our free CIS Benchmarks in PDF format.