Improved Cybersecurity Logging Gives Agencies Better Network Visibility

Each agency should use logging in conjunction with various tools for finding vulnerabilities on each of its IP network-connected technology assets, including missing patches, outdated software versions in need of upgrading and misconfigured software and services.

To help agencies address these new logging-related requirements, NIST recently released Special Publication 800-92 Revision 1, Cybersecurity Log Management Planning Guide.

Most agencies will need to use several tools in combination to achieve the necessary visibility for all of their assets, no matter where each asset is located at any time. Let’s take a closer look at some of these tools.

Install a CDM Dashboard to Find and Share Vulnerabilities

CISA’s Continuous Diagnostics and Mitigation Program provides offerings specific to logging and logging tools, including agency dashboards that bring together log data from many internal sources to provide an agencywide picture of current cybersecurity vulnerabilities and threats.

While these dashboards are obviously useful to agencies as they prioritize their mitigation actions, they also help create a bigger picture. Each shares data with the CDM Federal Dashboard, which aggregates the vulnerability and threat data from all participating agencies.

This enables CISA to identify issues more quickly and use information gleaned from an issue at one agency to help determine which other agencies may be similarly at risk. It also allows CISA to track an agency’s mitigation of each vulnerability.

CISA Binding Operational Directive 23-01 requires all agencies to identify vulnerabilities in their software at least every two weeks using privileged credentials. It also requires agencies to add that information plus associated vulnerability detection performance data to their agency dashboard, which will be shared with CISA via the Federal Dashboard.


Know the Best Places to Log the Most Valuable Information

Every agency can tap many potential sources for cybersecurity logging. First, there are all the operating systems, end-user applications and services that perform their own logging.

Second, there are technology management solutions, such as asset management software, desktop and laptop management software and mobile device management software, as well as vulnerability, patch and configuration management technologies.

