Amazon wants everyone to protect themselves online with Security PSA
A year ago, President Biden hosted a cybersecurity summit at the White House with several industry-leading companies such as Microsoft, Google, Facebook and Amazon. Andy Jassy, CEO, and Stephen Schmidt, vice president, security engineering and chief security officer, represented Amazon. The president’s request was for commitments to strengthen our nation’s security.
Stephen Schmidt is responsible for Amazon’s security, from satellite systems to robots, delivery vehicles, self-driving cars and “AWS boxes with smiley faces.” Recently, I sat down with Schmidt to understand Amazon’s contributions to cybersecurity and a new public service announcement (PSA) campaign, “Protect & Connect,” which launched on August 22, 2022.
Multi-factor authentication (MFA) and training
After the White House Cybersecurity Summit, two unsurprising conclusions emerged: the need for MFA and training. Amazon responded by providing free MFA security keys to eligible AWS customers. The company also created free internal security awareness training materials available for individuals and businesses around the world.
Breaking the jargon
A challenge in any technology organization is to impart security knowledge to employees in the language that these people understand to get them to internalize it. As an industry, we don’t do well at speaking the language of the average human. Lots of jargon, scary tactics, and horrible stuff make it hard for the average person to understand cybersecurity.
I can’t tell you how long I’ve been evangelizing for simplicity of lingo and security benchmarks that can better show what organizations are getting for their security investments. So far, the industry has failed in this area.
Help move the needle on cybersecurity
Amazon has leveraged several assets and resources to help advance cybersecurity. Prime Video was one of those assets with top creative power and talent. Another was the advertising industry and the owned and operated platforms used for the distribution of messages. Additionally, there was consumer reach through Amazon.com.
Leveraging safety talent from across the organization, Amazon created a Public Service Announcement (PSA) campaign to help consumers understand best practices for staying safe online.
Cybersecurity awareness is nothing new. Amazon partners in this effort with the National Cybersecurity Alliance (NCA), which consistently promotes cybersecurity awareness. The focus with Amazon is to take a different and more creative approach to making information more accessible, engaging, entertaining and educational.
Protect and connect
“Protect and Connect” introduces the concept of an internet bodyguard where you can feel empowered to protect yourself online. Amazon used Prime Video actor Michael B. Jordan and actress/producer Tessa Thompson as internet bodyguards to make the videos timely, relevant, engaging and dynamic. The goal was to make the videos fun and lighthearted so people would want to watch and share them.
The PSA includes three main themes. MFA is the easiest and one of the most powerful ways to stay safe online. MFA is an authentication method that requires two or more verification factors to access an app, online account, or VPN. Most banking apps now use MFA. Users receive one-time passwords (OTPs) such as four to eight digit codes via email, SMS or mobile app. The code is generated based on a seed value assigned to the user during registration and other factors, which can be a counter or time-based.
Phishing is something people need to recognize and avoid. Phishing uses psychological manipulation to trick users into making security mistakes or disclosing sensitive information, especially before the first morning coffee. Phishing steals user data, including login credentials and credit card numbers. Attackers have become very adept at impersonating a trusted entity to trick the user into opening an email, instant message or text message. The result is often a malicious link that can lead to the installation of malware or, worse, a ransomware attack. An attack can have devastating consequences due to unauthorized purchases, theft of funds or identity theft.
Finally, what Amazon calls personal agency is the idea that people can protect themselves online and have some power over the situation despite complex cybersecurity threats. The message is: “You own your security, and a few simple steps can help you along the way.” Amazon offers free training materials on the microsite.
The Protectconnect.com microsite will host the series of videos focusing on the three pillars of the campaign. And will include quizzes and interactive content to test consumers’ knowledge of best practices for staying safe online. A digital advertising campaign will be launched to support the PSA campaign.
An altruistic publicly traded company is mostly an oxymoron. But surprisingly, it’s not about generating dollars for Amazon.
Amazon has a significant presence everywhere: Amazon Studios, Prime Video, Thursday Night Football, and a website people go to in the order of things that pop up at home. Other than the Amazon logo, this campaign has little to do with Amazon. Consumers should stay safe on Amazon.com, Walmart.com, banking app, or any online interaction.
Will this PSA benefit Amazon by reducing customer service costs? Perhaps if fewer people have IDs stolen, that will translate to more occasional phone calls to forgive fraudulent accusations. The PSA is not about Amazon but is about making people safer and enabling people to control online experiences more efficiently and securely. Will some people assume there is an ulterior motive? Sure. But it’s Amazon that really realizes a unique opportunity to help raise cybersecurity awareness.
Amazon is an important player in several sectors and uses this position for the greater good, as does Amazon’s climate commitment.
Note: Moor Insights & Strategy writers and editors may have contributed to this article.
Moor Insights & Strategy, like all research and technology industry analytics companies, provides or has provided paid services to technology companies. These services include research, analysis, consulting, consulting, benchmarking, acquisition matching and conference sponsorship. Company has had or currently has paid business relationships with 8×8, Accenture, A10 Networks, Advanced Micro Devices, Amazon, Amazon Web Services, Ambient Scientific, Anuta Networks, Applied Brain Research, Applied Micro, Apstra, Arm, Aruba Networks (now HPE), Atom Computing, AT&T, Aura, Automation Anywhere, AWS, A-10 Strategies, Bitfusion, Blaize, Box, Broadcom, C3.AI, Calix, Campfire, Cisco Systems, Clear Software, Cloudera, Clumio, Cognitive Systems , CompuCom, Cradlepoint, CyberArk, Dell, Dell EMC, Dell Technologies, Diablo Technologies, Dialogue Group, Digital Optics, Dreamium Labs, D-Wave, Echelon, Ericsson, Extreme Networks, Five9, Flex, Foundries.io, Foxconn, Frame ( now VMware), Fujitsu, Gen Z Consortium, Glue Networks, GlobalFoundries, Revolve (now Google), Google Cloud, Graphcore, Groq, Hiregenics, Hotwire Global, HP Inc., Hewlett Packard Enterprise, Honeywell, Huawei Technologies, IBM, Infinidat, Infosys, Inseego, IonQ, IonVR, Inseego, Info sys, Infiot, Intel, Interdigit al, Jabil Circuit, Keysight, Konica Minolta, Lattice Semiconductor, Lenovo, Linux Foundation, Lightbits Labs, LogicMonitor, Luminar, MapBox, Marvell Technology, Mavenir, Marseille Inc, Mayfair Equity, Meraki (Cisco), Merck KGaA, Mesophere, Micron Technology, Microsoft, MiTEL, Mojo Networks, MongoDB, MulteFire Alliance, National Instruments, Neat, NetApp, Nightwatch, NOKIA (Alcatel-Lucent), Nortek, Novumind, NVIDIA, Nutanix, Nuvia (now Qualcomm), onsemi, UNOG, OpenStack Foundation, Oracle, Palo Alto Networks, Panasas, Peraso, Pexip, Pixelworks, Plume Design, PlusAI, Poly (formerly Plantronics), Portworx, Pure Storage, Qualcomm, Quantinuum, Rackspace, Rambus, Rayvolt E-Bikes, Red Hat, Renesas, Residio, Samsung Electronics, Samsung Semi, SAP, SAS, Scale Computing, Schneider Electric, SiFive, Silver Peak (now Aruba-HPE), SkyWorks, SONY Optical Storage, Splunk, Springpath (now Cisco), Spirent, Splunk, Sprint (now T-Mobile), St ratus Technologies, Symantec, Synaptics, Syniverse, Synopsys, Tan ium, Telesign, TE Connectivity, TensTorrent, Tobii Technology, Teradata, T-Mobile, Treasure Data, Twitter, Unity Technologies, UiPath, Verizon Communications, VAST Data, Ventana Micro Systems, Vidyo, VMware, Wave Computing, Wellsmith, Xilinx, Zayo, Zebra, Zededa, Zendesk, Zoho, Zoom and Zscaler. Patrick Moorhead, Founder, CEO and Chief Analyst of Moor Insights & Strategy, is an investor in dMY Technology Group Inc. VI, Dreamium Labs, Groq, Luminar Technologies, MemryX and Movandi.
Patrick Moorhead, Founder, CEO and Chief Analyst of Moor Insights & Strategy, is an investor in dMY Technology Group Inc. VI, Dreamium Labs, Groq, Luminar Technologies, MemryX and Movand