Amazon is just one of many tech giants that met with the Biden administration this week and promised to increase their efforts against cyberattacks.
The company has pledged to offer a multi-factor authentication (MFA), device at no cost to customers who qualify for Amazon Web Services (AWS). It will also make its internal security training materials public. Amazon announced that the move was intended to “help protect individuals and organizations from increasing cybersecurity threats.”
Amazon’s pledge coincides closely with a meeting between top tech industry players and U.S. president Joe Biden on Aug. 25. Other than Amazon, other participating companies were Microsoft, Apple Google, IBM, and others.
“The purpose of today’s meeting was to discuss possibilities to bolster the nation’s cybersecurity in partnership, and individually,” said the administration in a statement.
Amazon will begin to offer free MFA tokens to AWS customers in October. The tokens can be plugged into the USB ports of users and are intended to provide additional protection against malware attacks, session hijacking, phishing, and man-in-the middle attacks.
Amazon states that AWS users who have access to the AWS Management console can authenticate themselves by simply entering their passwords and then touching the MFA security token plugged into the USB port of their computer.
Amazon will also release its Security Awareness internal training curriculum for the public free of charge in October to increase access to cybersecurity education. Amazon describes it as a “digestible, succinct curriculum” with video and online modules. Its purpose is to educate individuals and organizations about security breaches that depend on social engineering, such as phishing emails and scam phone calls.
“Education is the key to addressing cybersecurity threats,” stated Steve Schmidt, AWS Chief Information Security Officer in a prepared statement.
This week’s White House meeting follows a May executive order by the Biden administration. It was issued in response to several high-profile cybersecurity attacks, including the SolarWinds supply chain attack, the “Hafnium” attacks on Exchange Server, and a ransomware assault on Colonial Pipeline. The executive order encouraged businesses to take ambitious measures to increase and align cybersecurity investments in order to minimize future incidents.
Other tech companies that were present at the Aug. 25 meeting also announced their own cybersecurity initiatives. Amazon cloud rivals Microsoft Cloud and Google promised to invest $20 billion and $10 million over five years in cybersecurity efforts. This Redmondmag article provides more information about the security promises made by other companies.
