CISA, FBI, NSA, and other international partners release Best Practices for Event Logging and Threat Detection guidelines.
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has joined the US Cybersecurity and Infrastructure Security Agency (CISA), the FBI, the National Security Agency (NSA), and agencies from the UK, New Zealand, Canada, Japan, and Singapore to release a best practice guide for tracking security threats.
Best Practices for Event Logging and Threat Detection is a 17-page PDF that “defines a baseline for event logging best practices to mitigate cyber threats”.
“CISA encourages public and private sector senior information technology (IT) decision-makers, operational technology (OT) operators, network administrators, network operators, and critical infrastructure organisations to review the best practices in the guide and implement recommended actions,” CISA said in a 21 August statement about the release.
“These actions can help detect malicious activity, behavioural anomalies, and compromised networks, devices, or accounts.”
The document outlines best practices for enterprise-approved event logging policies, centralised log collection and correlation, secure storage and event log integrity, and detection strategies for relevant threats – with a particular focus on detecting living-off-the-land techniques – alongside additional guidance from the agencies involved in the creation of the guide.
You can find the Best Practices for Event Logging and Threat Detection here, and Cyber Daily recommends all our readers study and implement what the guide has to say.
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.