This blog post was created in collaboration with Amazon Web Services (AWS).
As government agencies continue to deal with the challenges of managing a remote workforce, data security is a top priority. In particular, the threat of ransomware at state and local agencies has only heightened in recent months. Cybercriminals see new opportunities to attack agencies by exploiting unsecured cloud-based services that were deployed as part of the shift to remote-work.
One of the primary reasons that an organization moves to the cloud is for enhanced security. Cloud native security tools enable businesses and organizations to identify and defeat cyberattacks in seconds. The cloud also enables zero touch, providing agencies with instant visibility risk assessment, and central policy management.
“Security is essential to everything we do and everything we build at AWS. We always say it’s priority zero, because there’s nothing more important than security,” said Sandy Carter, Vice President of Worldwide Public Sector Partners and Programs at Amazon Web Services (AWS). “AWS is built around privacy and data security. Since day one, we’ve ensured that our customers retain ownership and control of their data, along with the ability to encrypt it, protect it, move it, or delete it in alignment with their organizations’ policies.”
Public sector agencies are turning to private industry for such cloud solutions, including those who are part of the AWS Partner Network (APN). Here are some examples of how APN Partners are collaborating with public sector organizations to enhance data protection and security.
- Identify & Defeat Cyberattacks: SentinelOne, the autonomous cybersecurity platform company, has made its SentinelOne Core solution available free of charge, enabling enterprises to secure remote work as the world combats COVID-19. SentinelOne protects enterprises of all sizes with AI-powered cloud native technology that autonomously identifies and defeats cyberattacks and is deployable in seconds.
- Security & Compliance Requirements: Smartronix, an IT service management company, has created Cloud Assured Managed Services (CAMS), a FedRAMP Moderate multi-tenant managed services capability built on AWS. CAMS enables customers to inherit security, sustainment and compliance (PCI, HIPAA, FedRAMP, DOD requirements) requirements for any workload hosted. Customers using this solution include federal agencies, ISVs, and non-profit organizations.
- Security Visibility & Incident Monitoring: Guardicore, a data center and cloud security company, provides security visibility, micro-segmentation and incident monitoring for organizations. Their solutions help customers install, define, and configure granular security controls for workloads, wherever they reside. They enable customers to set policies to allow employees to work from home while staying secure and compliant.
- Malware Campaigns: Trend Micro, a global leader in enterprise data security and cybersecurity solutions, has deployed researchers to periodically source for samples on COVID-19 related malicious campaigns. Their report, “Developing Story: COVID-19 Used in Malicious Campaigns,” also includes detections from other researchers. Their research found, that in Q1 2020, there were 907,000 spam messages and 48,000 hits on malicious URLs related to CoVID-19. See how Trend Micro is helping businesses secure their AWS remote work environments.
- Combating Cyber Threats: CrowdStrike, a global cybersecurity leader, created a report entitled “Cyber Threats Heightened by COVID-19 and How to Protect Against Them” to help agencies track COVID-19 related adversary activity. The report provides an overview of tactics and observed cyber threats (e.g., phishing, eCrimes, targeting intrusions and targeted remote services and tech support scams), and provides recommendations for defending against COVID-19 Scams.
- Technical Cybersecurity Threats: Recorded Future, a global real-time cyber threat intelligence provider, has investigated how threat actors are using the global disruptions caused by COVID-19 to further their cyber-threat activities. Their research is targeted toward those who hope to understand the technical cybersecurity threats that have emerged.
- Zero-Touch Network Security: AlgoSec, a provider of software for network security policy management, developed a solution called AlgoSec CloudFlow, that can discover, map, and migrate business application connectivity. CloudFlow proactively analyzes the risks associated with cyberattacks to a business’ processes and intelligently automates network security changes with zero touch.
- Cybersecurity Advisory Services: Deloitte is helping organizations understand the emerging cyber risks driven by changing operating environments and ecosystems as workforces shift remote and supply chains diversify. By taking an advanced analytics approach leveraging AWS, Deloitte is able to help customers discover, analyze, and visualize unknown relationships within vast data collections to identify, respond to, or mitigate asset/infrastructure vulnerabilities. This gives organizations a high-resolution picture of their cyber landscape from an adversary’s perspective, thus providing new insights to drive improved cyber situational awareness during these changing times.
Learn more about the full range of partner solutions and how they can help your agency combat cyberattacks on the APN website.