Building on the May 2021 cybersecurity executive order, the August 2021 Office of Management and Budget (OMB) memo M-21-31, “Improving the Federal Government’s Investigative and Remediation Capabilities Related to Cybersecurity Incidents,” requires Federal agencies to implement a four-tier system for event logging (EL) as part of the move to zero trust.
“Information from logs on Federal information systems (for both on-premises systems and connections hosted by third parties, such as cloud services providers) is invaluable in the detection, investigation, and remediation of cyber threats,” said Shalanda Young, director of OMB.
Logging underpins all cyber defense. Without effective logging, agencies struggle to detect incursions, run analytics on events, and understand incidents. Fortunately, agencies don’t have to start from scratch as they pursue an enterprise-wide view of their logging coverage.