Cloud Compliance: A New Generation of True Automation | AWS Public Sector Summit 2016
-
Upload
amazon-web-services -
Category
Technology
-
view
614 -
download
0
Transcript of Cloud Compliance: A New Generation of True Automation | AWS Public Sector Summit 2016
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Presenters:
Steve Horvath, VP Strategy & Vision, Telos
Brett Miller, Senior Consultant, AWS
Hugh Barrett, VP Technical Solutions, Telos
Russell Marsh, CISO, Department of Energy - IN
Cloud Compliance: A new Generation of True Automation
Agenda
• About Telos Corporation
• IT GRC – Then and Now
• Xacta, Accelerating Compliance in the Cloud
• Demonstration
• Voice of the Customer
• Q&A
1
Steve Horvath, CISSP, PMPVice President, Strategy & Vision
Telos Corporation
2
About Telos Corporation…
Cyber Security Secure Mobility Identity Management
• Defend the most attacked computer
networks in the world
• Largest provider of continuous risk
management software to the US
Government
• Protect over 10,000 systems
worldwide
• Our Xacta solution is the system of
record for the US Intelligence
Agencies, special operations and
most of the Department of Defense
• Largest provider of wireless
deployments in the US Government
• Telos’ Ghost product makes you
virtually untraceable on the network
• Telos’ Secure Communications
platform is system of record for all of
DOD, Intelligence Community, State
Department, White House, as well as
NATO
• Integrator of record for the largest
identity management application in
the US Government
• Provide real time identity background
checks through direct relationship with
the FBI
• Identity vetting application deployed at
over 42 airports across the US
• IDTrust360 solution gives you
continuous way to look at insider
threat
3
Select Telos Customers
4
IT GRC – Then and Now1990s – Security as the Department of ”NO!” via Chicken Little philosophy
2000s – Security as a Necessary Evil, try to make it painless (security architecture)
2010s – “THEY WERE RIGHT!” – Culture changing to Security as Business Enabler
TODAY
Average IT Systems can take between 6 months and 2 years to implement
and deploy largely due to compliance mandates that MUST be met…
• AWS Enterprise Accelerator for Compliance combined with the Xacta software solution for
Risk Management dramatically reduces time to value for the customer (estimating 20-50%
reduced time & labor costs)
• Critical to continued success and speed to compliance or capability is the market leading
Xacta software’s core capabilites of Automation and Advanced Inheritance
5
6
Xacta Product Overview
Compliance & Risk Management as Capability Enablers
• Amazon Machine Images (AMIs) built & developed with security & compliance
as primary concern
• Compliance and Security Control Documentation for AMIs developed, staged
within Xacta and continuously updated via Xacta Continuum
• Customers ”inherit” validated controls and recommendations within Xacta
• Organization thereafter only responsible for documenting remainder of
compliance/security controls
Time to Value
Organizations will be able to develop, document & deploy (D3) IT systems that
leverage the Cloud/Cyber partnership in dramatically less time
7
Brett Miller, CISSPSenior Consultant, AWS
8
AWS Share Responsibility Model
9
Customer Challenges
Meeting compliance requirements (NIST, PCI,
HIPAA, CJIS, etc.)
Choosing from a myriad of options when
designing for the cloud
Making many critical decisions to ensure a
secure application when using the AWS
Shared Responsibility Model
Mapping security controls to numerous AWS
services
− Example: 400 NIST 800-53 Security
Controls to 42 AWS Services
Error prone and time-consuming manual
configuration of AWS resources
AWS developed the AWS EA Quick Start to address
major customer challenges when moving to AWS
AWS Solution: AWS EA Quick
Start
Standardized for specific use cases
Address security/compliance
requirements and AWS best
practices
Ready to be pre-approved by
customer assessment organizations
Ready to deploy “out of the box”
Customizable
Xacta featuring AWS Accelerator for Compliance
AWS accelerates IT architecture
deployment baselines.
Xacta concurrently accelerates IT security
compliance baselines by integrating Xacta
with AWS Enterprise Accelerator for
Compliance.
Together, AWS and Xacta get you to the
cloud faster.
Hugh Barrett, CISSP, CSSLPVice President, Technical Solutions
Telos Corporation
12
Russell Marsh, CISSP, SFCP, IAMCISO, Department of Energy - IN
13
Next Steps
• See us at Booth #609 for an in-depth demo and pricing information
• Visit Telos.com to download our whitepaper
• Connect with us at:
• Facebook.com/TelosCorporation
• Twitter.com/Telosnews
• LinkedIn.com/company/Telos-Corporation
• Youtube.com/user/TelosCorporation
14
Questions
• Steve [email protected]
• Hugh [email protected]
• Brett [email protected]
Contact Information
See us at Booth #609 for more info
and an in-depth demo
Visit Telos.com
15
Thank you!