Share this page!

Maybe Scrolly?
Mark Nunnikhoven Profile picture
Twitter logo
24 Aug, 15 tweets, 12 min read
new thread to cover, “Governance, Risk, & Compliance”

@awscloud #reinforce
Anil starts things off with compliance landscape…

@awscloud #reinforce
lots of different legislation out there around data protection and #privacy. combined with a push to the cloud, lots of change in a traditionally slow area of GRC

@awscloud #reinforce
perfect example: compliance and audit struggles to keep up << I’ve had a ton of “those” conversations with auditors over the past decade

@awscloud #reinforce
honestly, this is a critical subject but it’s super, super dry material. Anil is doing a solid job…this cannot be easy without an audience to draw some energy from

@awscloud #reinforce
here’s the leadership session on GRC (governance, risk, and compliance) from the last @awscloud #reinforce

a good talk again from the original @awscloud #reinforce, “Aligning to the NIST Cybersecurity Framework in the AWS Cloud”, << shows AWS in line with NIST’s CSF
Anil is starting into 6 lessons learned when building out the GRC program at @awscloud

#reinforce
first up, “Fail fast”

in 2010, @awscloud needed to get ISO 27001 certification. lots of gaps but they didn’t let that stop them. did the assessment and used it as a map to remediate

@awscloud #reinforce
2nd lesson: engineer audits for engineers << ties to the overall theme of building a #security culture

@awscloud #reinforce
@awscloud #reinforce
it’s interesting to hear to the challenges of auditing @awscloud given the rate of change, the complexity of the environment, and the, um, sturdiness of the audit process?

…ok, not sturdy. inflexible…obtuse…stagnant?

@awscloud #reinforce
👆 highlights the need for specialized auditors

this talk gives you a glimpse at the need for the Cloud Audit Academy, aws.amazon.com/compliance/aud…

@awscloud #reinforce
perspective on efficiency of pulling evidence for audits

@awscloud #reinforce
got pulled into another issue, didn’t see th last of the GRC session.

watching Eric Brandwine’s session on a culture of security now...

@awscloud #reinvent

👇

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Mark Nunnikhoven

Mark Nunnikhoven Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @marknca

Mark Nunnikhoven Profile picture
2 Sep
containers on @awscloud: a rant 🧵

problem: I want to run a single container every so often

☁️ #cloud #devops
I start with a search. the first result is straight forward and promising

I click on "Containers on AWS"

☁️🧵 #cloud #devops
I land here. it's not bad though a bit of a pitch, "AWS is the #1 place for you to run containers and 80% of all containers in the cloud run on @awscloud" << but will MINE?!?

☁️🧵 #cloud #devops
Read 45 tweets
Mark Nunnikhoven Profile picture
24 Aug
next up is IAM with Karen Haberkorn

@awscloud #reinforce
…and the challenge of virtual events rears it ugly head. other more pressing matters popped up and I’ve missed what seems like a great talk and discussion on IAM 😔

@awscloud #reinforce
…but the upside of the virtual event is that I should be able to watch this on replay soon enough!

@awscloud #reinforce
Read 17 tweets
Mark Nunnikhoven Profile picture
24 Aug
Eric Brandwine up now at @awscloud #reinforce

he’s talking about building a culture of #security
scale quickly became a problem in building the #security organization at AWS

@awscloud #reinforce
Eric realized they couldn’t scale up the team to the size of AWS, it just wasn’t possible

they had to figure out a way to help the organization build the #security culture itself

@awscloud #reinforce
Read 34 tweets
Mark Nunnikhoven Profile picture
24 Aug
up now at @awscloud #reinforce, “Data Protection & Privacy” with @JKenBeer, @jennybrinkley, & @clean_freak

☁️ #cloud #devops
. @StephenSchmidt introduces the session, which is a “fireside chat”

@awscloud #reinforce
Jenny is co-ordinating the chat. Anne is the director of Alexa Trust. Ken is the GM of AWS KMS

@awscloud #reinforce
Read 37 tweets
Mark Nunnikhoven Profile picture
24 Aug
. @awscloud #reinforce // here we go…

🎙🧵

☁️ #cloud #security #devops
Adam Selipsky (CEO, AWS) up first with an opening message for @awscloud #reinforce
“Security is job ZERO at @awscloud”, Adam Selipsky. he’s referring to the fact that it is required as a baseline before building or doing anything

he goes on to say that #security is critical to AWS’ success and customer success

#cloud #devops
Read 121 tweets
Mark Nunnikhoven Profile picture
13 Aug
yesterday I spun up 36x @awscloud EC2 instances to build out a weird sample data set

today, trying to get an exact cost for that work, it hits home (again) why @quinnypig has a very successful business

a story...



🧵 ☁️ #cloud #devops
ok, so I spun up the instances via python/boto3 (all old-school like) because I had a unique user-data script to each to execute and then shutdown

super simple 👇

🧵 ☁️ #cloud #devops
of course, the execution of this script took a while. about 6 hours. so I ran a couple quick, smaller scale tests and when I had things locked. I ran the script 👆

🧵 ☁️ #cloud #devops
Read 25 tweets

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!

Follow Us on Twitter!

Like this author's thread?

Get emails when @marknca has new unrolls!

Check out other threads from @marknca!

Read all threads by @marknca

:(