We use machine learning technology to do auto-translation. Click "English" on top navigation bar to check Chinese version.
Announcing the Amazon Web Services Blueprint for Ransomware Defense
In this post,
Amazon Web Services (Amazon Web Services)
introduces the
Amazon Web Services Blueprint for Ransomware Defense
, a new resource that both enterprise and public sector organizations can use to implement preventative measures to protect data from ransomware events. The Amazon Web Services Blueprint for Ransomware Defense provides a mapping of Amazon Web Services services and features as they align to aspects of the
Center for Internet Security (CIS) Critical Security Controls (CIS Controls)
. This information can be used to help customers assess and protect their data from ransomware events.
The following is background on ransomware, CIS, and the initiatives that led to the publication of this new blueprint.
The Ransomware Task Force
In April of 2021, the U.S. government launched the
Ransomware Task Force (RTF)
, which has the mission of uniting key stakeholders across industry, government, and civil society to create new solutions, break down silos, and find effective new methods of countering the ransomware threat. The RTF has since launched several progress reports with specific recommendations, including the development of the RTF
Blueprint for Ransomware Defense
, which provides a framework with practical steps to mitigate, respond to, and recover from ransomware. Amazon Web Services is a member of the RTF, and we have taken action to create our own Amazon Web Services Blueprint for Ransomware Defense that maps actionable and foundational security controls to Amazon Web Services services and features that customers can use to implement those controls. The Amazon Web Services Blueprint for Ransomware Defense is based on the CIS Controls framework.
Center for Internet Security
The
Center for Internet Security (CIS)
is a community-driven nonprofit, globally recognized for establishing best practices for securing IT systems and data. To help establish foundational defense mechanisms, a subset of the
CIS Critical Security Controls (CIS Controls)
have been identified as important first steps in the implementation of a robust program to prevent, respond to, and recover from ransomware events. This list of controls was established to provide safeguards against the most impactful and well-known internet security issues. The controls have been further prioritized into three implementation groups (IGs), to help guide their implementation. IG1, considered “essential cyber hygiene,” provides foundational safeguards. IG2 builds on IG1 by including the controls in IG1 plus a number of additional considerations. Finally, IG3 includes the controls in IG1 and IG2, with an additional layer of controls that protect against more sophisticated security issues.
CIS recommends that organizations use the CIS IG1 controls as basic preventative steps against ransomware events. We’ve produced a mapping of Amazon Web Services services that can help you implement aspects of these controls in your Amazon Web Services environment. Ransomware is a complex event, and the best course of action to mitigate risk is to apply a thoughtful strategy of defense in depth. The mitigations and controls outlined in this mapping document are general security best practices, but are a non-exhaustive list.
Because data is often vital to the operation of mission-critical services, ransomware can severely disrupt business processes and applications that depend on this data. For this reason, many organizations are looking for effective security controls that will improve their security posture against these types of events. We hope you find the information in the Amazon Web Services Blueprint for Ransomware Defense helpful and incorporate it as a tool to provide additional layers of security to help keep your data safe.
Let us know if you have any feedback through the
Amazon Web Services Security Contact Us
page. Please reach out if there is anything we can do to add to the usefulness of the blueprint or if you have any additional questions on security and compliance. You can find more information from the IST (Institute for Security and Technology) describing ransomware and how to protect yourself on the
IST website
.
If you have feedback about this post, submit comments in the Comments section below. If you have questions about this post,
contact Amazon Web Services Support
.
Want more Amazon Web Services Security news? Follow us on
Twitter
.