Amazon Web Services (AWS) is committed to bringing additional services and AWS Regions into the scope of our Esquema Nacional de Seguridad (ENS) High certification to help customers meet their regulatory needs. ENS is Spain’s National Security Framework. The ENS certification is regulated under the Spanish Royal Decree …

Cyberattacks that target our government are all too common these days. From SolarWinds, to hacks against widely used email servers, to attacks against the defense industrial base, we know that cyberattacks against the public and private sectors continue to be an issue. Our latest VirusTotal malware trends report illustrates …

reCAPTCHA Enterprise is Google’s online fraud detection service that leverages more than a decade of experience defending the internet. reCAPTCHA Enterprise can be used to prevent fraud and attacks perpetrated by scripts, bot software, and humans. When installed inside a mobile app at the point of action, such …

Amazon Web Services (AWS) is pleased to announce that 20 additional AWS services have achieved Provisional Authority to Operate (P-ATO) from the Federal Risk and Authorization Management Program (FedRAMP) Joint Authorization Board (JAB). The following are the 20 AWS services with FedRAMP authorization for the U.S. federal government …

Amazon Web Services (AWS) is excited to begin migration plans for National Institute of Standards and Technology (NIST) 800-53 Revision 5. The NIST 800-53 framework is a regulatory standard that defines the minimum baseline of security controls for U.S. federal information systems. In 2020, NIST released Revision 5 …

While the digitization of government services and operations has helped enhance the constituent experience, it has also increased the cyber threat surface for governments of all sizes. In 2020, 79 ransomware attacks hit government organizations, amounting to nearly $19 billion in downtime and recovery costs 1. Other research indicates …

As enterprise and public sector cloud adoption continues to accelerate, having an accurate picture of who did what in your cloud environment is important for security and compliance purposes. Logs are critical when you are attempting to detect a breach, investigating ongoing security issues, or performing forensic investigations. These …

Recently, Datatilsynet (the Danish Data Protection Authority) issued a ruling emphasizing the importance of conducting proper due diligence before implementing cloud services. We agree due diligence is an important step for customers since privacy assessments and outcomes can vary significantly based on the way customers have configured their system …

Building a resilient healthcare ecosystem is not something done within a vacuum. It takes motivated organizations and people working together in a community of trust to build and defend effectively. We believe the more diverse these communities are, the more effective they can be. Last August, Google announced its …

Amazon Web Services (AWS) is the first cloud service provider to produce an Open Security Control Assessment Language (OSCAL)–formatted system security plan (SSP) for the FedRAMP Project Management Office (PMO). OSCAL is the first step in the AWS effort to automate security documentation to simplify our customers’ journey …

AWS is pleased to announce that Wickr for Government (WickrGov) has achieved Federal Risk and Authorization Management Program (FedRAMP) Ready status at the Moderate Impact Level, and is actively working toward FedRAMP Authorized status. FedRAMP is a US government-wide program that promotes the adoption of secure cloud services across …

As long as passwords remain an incredibly common form of account authentication, password reuse attacks—which take advantage of people reusing the same password across multiple services—will be one of the most common ways for malicious hackers to hijack user accounts. Password reuse is such a serious problem …

Download our guidebook to learn how reCAPTCHA Enterprise can help strengthen your website security quickly. Cyber threats on the rise In 2021, the United States saw 40.5% of website attacks committed through “bad bots” on the internet, with 37.2% of government website traffic being bad bots, according …

As sophisticated cyberattack campaigns increasingly target the U.S. public and private sectors during the COVID era, the White House and federal agencies have taken steps to protect critical infrastructure and remote-work infrastructure. These include Executive Order 14028 and the Office of Management and Budget’s Memorandum M-21-31, which …

Cybersecurity remains a top national concern, and Google Cloud is committed to providing government agencies with the security capabilities they need to achieve their missions. At the annual Google Cloud Security Summit today, we’re excited to share updates on how we’re helping governments around the world address …

For more than a decade, Google has applied a Zero Trust approach to most aspects of our operations. Zero Trust’s core tenet–that implicit trust in any single component of a complex, interconnected system can create serious security risks–is fundamental to how we operate and build our …

French version At Amazon Web Services (AWS), we are committed to providing continued assurance to our customers through assessments, certifications, and attestations that support the adoption of AWS services. We are pleased to announce the availability of the Canadian Centre for Cyber Security (CCCS) assessment summary report for AWS …

Prior to joining Google Cloud, I spent 20 years in the public sector serving in various security roles, most recently as the head of the cybersecurity division at the newly established Cybersecurity and Infrastructure Security Agency (CISA). I was responsible for delivering services and capabilities to about 100 civilian …

reCAPTCHA Enterprise is Google’s online fraud detection service that leverages over a decade of experience defending the internet. reCAPTCHA Enterprise can be used to prevent fraud and attacks perpetrated by scripts, bot software, or humans. When installed on a web page at the point of action, such as …

AWS is pleased to announce that 15 additional AWS services have achieved Provisional Authority to Operate (P-ATO) from the Federal Risk and Authorization Management Program (FedRAMP) Joint Authorization Board (JAB). AWS is continually expanding the scope of our compliance programs to help customers use authorized services for sensitive and …

Google has a long history and deep commitment to innovation in the public sector and regulated markets including healthcare, financial services, and telecommunications, to name a few. Recently, we’ve made significant advances in our security and compliance offerings and capabilities in order to better enable government and government …

Editor’s note : This article has originally been published on our German blog. Imagine you’ve done your due diligence for your upcoming trip to the local authority office. You’ve filled out the relevant forms, booked the appointment, found the correct points of contact. But, as much as …

We’re pleased to announce that 18 additional AWS services have achieved Provisional Authority to Operate (P-ATO) by the Federal Risk and Authorization Management Program (FedRAMP) Joint Authorization Board (JAB). The following are the 18 additional services with FedRAMP authorization for the US federal government, and organizations with regulated …

This post is part of a series about how Amazon Web Services (AWS) can help your US federal agency meet the requirements of the President’s Executive Order on Improving the Nation’s Cybersecurity. You will learn how you can use AWS information security practices to meet the requirement …

I’m pleased to announce that the Defense Information Systems Agency (DISA) has authorized 17 additional Amazon Web Services (AWS) services and features in the AWS GovCloud (US) Regions, bringing the total to 105 services and major features that are authorized for use by the U.S. Department of …