NEW YORK – Amazon Web Services, Inc. (AWS) recently completed a comprehensive cloud security assessment of its AWS environment. Conducted in partnership with the OCC (Options Clearing Corporation), the evaluation assessed OCC’s cloud security controls against regulatory and industry standard frameworks, including NIST Cybersecurity Framework (CSF), and Regulation Systems Compliance and Integrity (RegSCI).
The assessment included:
• Data Driven Evaluation: Evaluated OCC’s security approach against regulatory requirements through a comprehensive review of 108 NIST Cybersecurity Framework subcategories.
• Enhanced Security Posture: Reinforced OCC’s security framework by incorporating leading industry standards and AWS-specific best practices.
• Maturity Verification: Assessed the robustness of existing cloud security controls and their ability to protect system availability.
“As a Systemically Important Financial Market Utility, OCC maintains the highest standards for security and operational resilience,” said Matt Rathbun, chief security officer at OCC via Amazon news release. “This rigorous assessment with AWS validates our proactive approach to cloud security and ensures our controls not only meet but exceed regulatory expectations. Our commitment to operational excellence requires continuous validation and enhancement of our security frameworks.”
“At AWS, security is our top priority,” added Scott Mullins, managing director, Worldwide Financial Services at AWS. “AWS is architected to be the most secure global cloud infrastructure on which to build, migrate, and manage applications and workloads. OCC’s rigorous approach to cloud security demonstrates the level of diligence required for critical financial market infrastructure…”