kras99 - stock.adobe.com
AWS touts security culture, AI protections at re:Inforce 2024
AWS executives highlighted the company's longstanding security, which evoked comparisons to its chief cloud rival Microsoft and the recent Cyber Safety Review Board report.
PHILADELPHIA -- AWS executives at re:Inforce 2024 emphasized the cloud giant's strong security culture while unveiling new offerings and highlighting several measures designed to protect customers' AI projects.
AWS CISO Chris Betz kicked off his keynote Tuesday morning by touting the company's long-developed security culture as a primary differentiator for customers, noting that not all clouds are built the same way. "At AWS, we've developed a really strong security culture over a long period of time. Building and maintaining a culture requires constant investment and focus. This is important," Betz said. "A security culture is not built overnight and can be lost without consistent reinforcement and investment.:
Betz, who was previously CISO at AWS customer Capital One before joining the cloud giant last summer, said he gained a deeper appreciation for the company's focus on security. For example, he noted how AWS's leadership team and security leaders meet with individual services teams every Friday to discuss security issues those teams may have. Additionally, AWS Security Guardians are embedded within each service team to advocate for best practices and make fast security decisions.
"We also have, and benefit from, a culture of escalation," he said. "This is fundamentally part of the way Amazon operates. When there's a security issue, we are empowered and encouraged to escalate [it] to whatever level is necessary. To others, and companies I've been at in the past, escalations are a really sensitive topic and can be seen as a failure or a shortcoming."
Betz's remarks appeared to reference AWS's chief cloud rival Microsoft, which has come under fire over the last year following two high-profile breaches. A scathing report from the Department of Homeland Security's Cybersecurity Safety Review Board (CSRB) earlier this year called Microsoft's security culture "inadequate" and in need of an overhaul. In response, Microsoft announced an expansion of its Secure Future Initiative, a previously announced plan to reprioritize cybersecurity across all areas at the company.
In a press conference with media members following the keynote, Betz was asked if his emphasis on AWS's security culture was designed to evoke comparisons to Microsoft. "One of the things I appreciated about the CSRB report was how much it drove a conversation we've been having several years ago -- a conversation about culture," he said.
Betz said that security culture is a journey rather than a fixed point in time, adding that he had two primary goals for people who read the CSRB report. "One, for my peers, is to help them communicate to their leadership that security culture takes consistent time and investment," he said. "And the second is to help our customers understand how we operate."
Mark Ryland, director of the Office of the CISO at AWS, echoed Betz's comments and noted how the report stressed the importance of a strong corporate culture around security and accountability. "You can say that we're amplifying the message from the CSRB. That was one of their messages in the report, which we agree with," he told TechTarget Editorial.
Protecting AI data, workloads
Betz also focused on AI security in his keynote, highlighting several existing protections and new features. For example, he detailed how Graviton4 processors, introduced at least year's re:Invent conference, fully encrypt all high-speed physical interfaces, including DRAM and PCIe, to protect against hardware-based attacks.
Additionally, AWS implemented pointer authentication and branch target identification in Graviton4 chips to defend against ROP and JOP, or return-oriented programming and jump-oriented programming, attacks. He also noted defenses for side channel attacks on the chips.
"Over the last few years, we've seen many speculative execution vulnerabilities target simultaneous multi-threading SMT processors," he said. "With Graviton4, we provide additional defense in depth by eliminating SMT entirely at the chip level by ensuring that every thread of execution has its own core."
Betz also explained how AWS' Nitro System, a hypervisor for EC2 instances, has protections for AI data and workloads by enforcing restrictions that prevent third parties, including Amazon personnel, from gaining logical access to the underlying infrastructure. "The Nitro System is also a critical component for securing machine learning and generative AI (GenAI) workloads by isolating your AI data from AWS operators," he said. "In addition, it provides you a way to remove administrative access of your own users."
Lastly, AWS announced an enhancement to Nitro System's end-to-end encryption and Enclaves, which are isolated compute environments.
"Currently, Nitro Enclaves operate only in the CPU, and that limits the potential for larger generative AI models and more complex processing," Betz said. "And we announced our plan to extend Nitro end-to-end encryption flow to include first-class integration with ML accelerators and GPUs so that you'll be able to decrypt and load sensitive AI data into a machine learning accelerator for processing while providing isolation from your own operators."
Larry Carvalho, independent analyst at Robust Cloud, said AWS' focus on protecting AI data is the right strategy but argued the company should go even further, as securing workloads has become a priority for many organizations. "Customers are increasingly concerned about keeping data private when using Generative AI," he said. "This was evident at Apple's WWDC event, where Apple said it set a new privacy standard. While Amazon's announcements conveyed that customer AI data is private with Nitro and other tools, they could have done even more."
Ryan Lockard, principal, Banking and Capital Markets Lead, at Deloitte said virtually all the customer organizations he works with are at least exploring generative AI if not actively developing and deploying their own large-language models, and data security is a chief concern.
"Everyone wants to know who has the data and where it's going," Lockard said. "I think answering those questions is good business [for AWS]."
According to an IBM study published as part of RSA Conference 2024 last month, generative AI projects have a tendency to treat security as an afterthought. While 82% of surveyed C-suite executives acknowledged the importance of trustworthy and secure AI, only 24% were actively accounting for it in their GenAI-related projects.
Passkeys and malware detection
During his keynote, Betz also announced that AWS Identity and Access Management now supports passkeys for MFA. As AWS began rolling out its MFA requirement for privilege accounts, customers asked for greater flexibility with multifactor authentication types. As a result, AWS can secure accounts with passkeys, which support built-in authenticators, including Apple's Touch ID and Microsoft's Windows Hello facial recognition technology.
Passkey adoption from major technology providers has grown in recent years. Last year, Google introduced passkey support for customer accounts that included options for a PIN, facial recognition or fingerprint authentication. Okta also rolled out passkey adoption last year, saying it offered enterprise customers a more secure authentication method to defend against compromised credentials and MFA bypasses.
The importance of MFA has only become more pronounced, as multiple recent large-scale threat campaigns have relied on targets not having it. In late May, Check Point warned that threat actors were using a vulnerability to target VPN customers that don't have MFA enabled. More recently, threat actor UNC5537 launched a campaign against Snowflake database customers predominantly without MFA.
Lastly, Betz unveiled the launch of Amazon GuardDuty Malware Protection for Amazon S3, an expansion of the existing GuardDuty Malware Protection offering. The new offering gives customers the ability to scan objects as they're uploaded to S3 buckets for malware and suspicious activity and is fully managed by AWS. "Amazon S3 is foundational to many modern solutions, with more than 350 trillion objects and exabytes of data stored," he said. "Having the ability to scan these objects for malware is imperative."
Rob Wright is a longtime technology reporter who lives in the Boston area.
