[ad_1]
Companies often struggle with how to respond to cybersecurity incidents. According to a recent one reconnaissanceOnly three out of five organizations have an incident response plan, and only about a third carry out regular training to ensure their plans remain effective.
The consequences of poor incident response are costly. International Monetary Fund Estimates Cyber attacks will cost the world more than $23 trillion by 2027, up from about $8.4 trillion in 2022.
Against this backdrop, Amazon sensed an opportunity. Today, Amazon Web Services (AWS), the company’s cloud computing division, launched AWS Security Incident Response, a service aimed at reducing the time it takes a company to recover from a cyberattack.
Hart Rossman, vice president of global services security at AWS, told TechCrunch that the new service is designed to help security teams combat account takeovers, breaches, ransomware attacks, and other business intrusions along these lines.
“We have received feedback from customers that implementing effective security incident response programs is challenging due to reliance on different tools, services, and people that are difficult to scale as organizations and business needs evolve,” he said. “AWS Security Incident Response can now be used as a single source of truth for security incident response.”
AWS Security Incident Response automatically triages results from Amazon GuardDuty, Amazon’s threat detection service, and supported third-party cybersecurity tools. Through a dashboard with integrated messaging and data transfer modules, customers can adjust alert settings and account permissions, review active events, historical data, and metrics such as the average time it takes to resolve an incident.
Amazon Web Services (AWS) Blog post The service has more:
Customers can enable the Proactive Incident Response feature, which creates service-level permissions that allow Security Incident Response to monitor and investigate findings… These findings are automatically sorted and processed using a set of automated services and customer-specific data, including common IP addresses… and any Results that cannot be remedied, security incident response will create a security incident which will notify the appropriate stakeholders within the client organization.
In this regard, AWS Security Incident Response is not all that different from products offered by countless incident response startups. To name a few, there’s FireHydrant, Rootly, and the most premium Incident.io, which runs almost entirely within Slack.
So what’s so special about AWS? Well, Rossman says, it includes support from AWS’s dedicated Customer Incident Response team. (However, customers can choose to handle incidents themselves or engage with third-party vendors and partners.) There’s also the fact that AWS Security Incident Response may simply be the more convenient option for businesses that already rely on other AWS security solutions.
“AWS Security Incident Response works with all AWS detection and response services, by continuously identifying and prioritizing security issues,” Rossman said.
AWS Security Incident Response is generally available today via the AWS Management Console and service APIs. Amazon says customers including the PGA Tour have already deployed it.
If Amazon finds success with AWS Security Incident Response, it could be very profitable for the tech giant. According to market analytics firm Verified Market Research, the global incident response market could grow from $21.61 billion last year to $89.09 billion by 2030..
[ad_2]