Guides

AWS Incident Response Playbooks

Practical, regulator-aligned playbooks for AWS incident response across APAC. Each guide is a downloadable PDF covering the rule, the runbook, and the AWS-side hardening required to meet it.

  1. Pillar guide
    • Australia
    • Singapore
    • India
    • Malaysia
    • Thailand
    • Indonesia
    • Philippines
    • Vietnam

    AWS Incident Response in APAC: A Regulatory and Technical Playbook

    How AWS incident response works across Australia, Singapore, India, and the wider ASEAN region — the reporting clocks, the detection toolchain, and the operational gotchas that change as you cross borders.
    • Australia

    APRA CPS 234 on AWS: Notification, Material Weakness, and the CPS 230 Overlay

    APRA-regulated entities have 72 hours to notify a material information security incident — and 24 hours under CPS 230 if customer-facing operations are affected. This is the practical playbook for AWS workloads in ap-southeast-2 and ap-southeast-4.
    • India

    Meeting CERT-In's 6-Hour Incident Reporting Rule on AWS

    India's CERT-In Cyber Security Directions give you six hours from noticing a cyber incident to filing an initial report. This is the practical playbook for AWS workloads in ap-south-1 and ap-south-2.
    • Singapore

    MAS TRM and AWS Incident Response: Hitting the 1-Hour Notification Window

    Singapore's MAS requires regulated financial institutions to notify within one hour of a relevant IT incident. This is the practical playbook for AWS workloads in ap-southeast-1, with the runbook, the evidence stack, and the common failure modes.
    • Australia

    OAIC Notifiable Data Breach Scheme on AWS: The Australian Playbook

    Australia's NDB scheme gives you 30 days to assess and notify a suspected data breach. The clock is forgiving but the standard is not — this is the practical playbook for AWS workloads in ap-southeast-2 and ap-southeast-4.