More Info:

S3 buckets should have default encryption (SSE) enabled or use a bucket policy to enforce it. S3 default encryption will enable Amazon to encrypt your S3 data at the bucket level instead of object level in order to protect it from attackers or unauthorized personnel.

Risk Level

High

Address

Security

Compliance Standards

HIPAA, GDPR, CISAWS, CBP, NIST, AWSWAF, SOC2, NISTCSF, PCIDSS

Triage and Remediation

Remediation

Using Console

Additional Reading: