IDENTIFY > PROTECT > DETECT > RESPOND > RECOVER.
These are the five key functions of the NIST Cybersecurity Framework. At PTP, we leverage the Framework as a vehicle to discuss the layered approach to security with our growing Amazon Web Services (AWS) customers, because as mature organizations know, there is no silver bullet for protecting data.
As an AWS Advanced Consulting Partner, we engage with our customers across the spectrum of cloud design, migration, operations and security. With new, innovative and impactful services being released by AWS weekly, we’re also educating our customers on the technical solution and business benefits these services entail. The conversation that is always layered across these services is ensuring that the right level of security is designed and deployed to meet the security needs of the customer. Enter the NIST Cybersecurity Framework as the foundation for the discussion.
Earlier this year, AWS released this White Paper to provide guidance on aligning the NIST Cybersecurity Framework with the AWS Cloud. As AWS customers are intimately aware, the AWS Shared Security Model outlines the responsibilities of both AWS and the customer, for security of the cloud and security in the cloud, respectively. This white paper outlines AWS’ security of the cloud and it’s alignment with the most widely-accepted cybersecurity framework in our industry. In an excerpt from the white paper AWS states, “When deploying AWS solutions, organizations can have the assurance that AWS services uphold risk management best practices defined in the CSF and can leverage these solutions for their own alignment to the CSF.”
Our role at PTP is to help our customers leverage a technology platform that can help accelerate their business in AWS, work from an acceptable framework in NIST for employment of data security practices, and fill gaps with our PeakPlus services between the AWS security of the cloud and our customers’ capabilities to secure their users’ access to the cloud and their data in the cloud.