Image: © MR/Stock.adobe.com
The cyber incident response market is set to quadruple by 2030 as cyberattacks grow in numbers and sophistication.
Amazon Web Services (AWS) has launched an incident response service with automated features to help organisations manage security events, including data breaches and ransomware attacks.
Introducing the new service, AWS said that its Security Incident Response automates the preliminary assessment and investigation of security findings from Amazon GuardDuty – the company’s threat detection service – alongside third-party threat detection tools, and provides 24/7 access to security experts from the AWS Customer Incident Response Team.
“Security teams often face an overwhelming number of daily alerts,” Betty Zheng wrote in a blogpost yesterday (1 December). Explaining the decision to launch the service, AWS said that manual investigations strain resources, while attempting to coordinate responses across multiple stakeholders and documenting actions complicates the response process.
The Security Incident Response provides AWS customers access to a centralised console with features that allow secure data transfer and automated case history tracking, which allows the security team to focus on remediation, the company claims.
Moreover, AWS customers also gain access to self-service investigation tools and a service dashboard with metrics to monitor and improve their security incident response.
The AWS vice-president of global services security Hart Rossman told TechCrunch that this service “can now be used as a … single source of truth for security incident response”.
“We’ve received feedback from customers that implementing effective security incident response programs is challenging due to a reliance on various tools, services and people that are difficult to scale as organisations and business needs evolve,” he said.
The need for cybersecurity risk mitigation is on the rise with major companies suffering from attacks.
Just last month, Amazon employee data was exposed in a breach. In a statement to SiliconRepublic.com at the time, an Amazon spokesperson said: “Amazon and AWS systems remain secure, and we have not experienced a security event. We were notified about a security event at one of our property management vendors that impacted several of its customers including Amazon.
Meanwhile US wireless network operator T-Mobile, a victim of several cyber incidents in the past, revealed last week that fresh attempts were made to access its sensitive data, though they were unsuccessful. T-mobile announced that it severed ties to a provider network that the company believes to be responsible for its compromised system.
In October, the network operator reached a settlement with the US Federal Communications Commission to pay a penalty of $15.75m to the US Treasury for multiple data breaches affecting tens of millions of users over the years.
Also in October, the EU Network & Information Security 2 Directive entered into force, mandating all EU member states to comply with stringent regulations to boost their cybersecurity standards.
The directive covers entities operating in sectors that are critical for the economy and society, including providers of public electronic communications services, ICT service management, digital services, space, health and more.
According to Verified Market Research, a market analytics firm, the global incident response market which was valued at nearly $22bn last year is projected to reach more than $89bn by 2030, driven by growing cybersecurity risks and an increased need for regulatory compliance.
Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.
