Taking the Challenge Out of Embracing Event Logging
There has been an increased focus among U.S. government agencies on adapting to modern IT environments and enhancing cybersecurity solutions. This increased focus on securing government networks, data, and critical infrastructure is a result of ongoing digital transformation initiatives that are resulting in more mission-critical connected systems and more data for agencies to secure. It’s also a result of the increased number of cyberattacks and more sophisticated cyber-criminals that are targeting our nation’s networks.
Each represents a significant threat but together they pose a major challenge for federal IT teams.
The Biden Administration released guidance in August 2021 requiring federal government customers to rapidly move towards embracing standardized and comprehensive log event management to improve the ability to detect, investigate and remediate cyber threats. Known as M-21-31, the memorandum sets forth a federal logging maturity model and provides a new standard that is broadly applicable across the public sector and regulated industries.
At their heart, the standards from M-21-31 highlight the important role that event logging plays in providing robust cybersecurity. Events like the SolarWinds cyberbreach underscore the importance of increased government visibility before, during, and after a cybersecurity incident. Event logging provides an important service to do just that, and M-21-31 showcases why this information is critical.
Because it provides the means to detect, investigate, and remediate cyber threats, it is easy to see why event logging has become a central part of White House cybersecurity guidance. But what does this mean for federal agencies looking to embrace the new guidance? What resources do they have? More importantly, who can they turn to as they approach integrating solutions for this requirement into their IT policies?
The good news is that while it may seem daunting to embrace event logging, there are several private industry partners prepared to make the process much easier.
"Part of our commitment to enhancing cybersecurity across the U.S. is to support federal, state, and local governments," Rick Wagner, President of Microsoft Federal said. "We're forging partnerships with federal agencies to share critical information and to develop cybersecurity best practices."
The technology sector has long been an active partner of the government, a partnership which Wagner wants to maintain and expand upon as new guidance comes out. “The technology sector bears a great responsibility for securing our nation’s critical assets, which is why we’re committed to investing in the technology to advance tools, practices, and services that we provide to customers.”
As part of this commitment, Microsoft Federal and other private industry partners are looking towards event logging as the next great addition to the government cybersecurity tool belt. Utilizing solutions like Microsoft’s Modern Log Management Program will allow government organizations to embrace the requirements of M-21-31.
Steve Faehl, CTO of Microsoft Federal Security, noted that the industry has sought to build iterative solutions that make adapting and complying with M-21-31 a central part of their offerings. "Leveraging existing investment, we work to deliver visibility and remediation capabilities," Faehl added. "The goal is to make operationalizing data more effective and to realize a greater investigation and response value."
With the security threat constantly shifting and evolving, guidance and mandates will continue to evolve. In this dynamic environment, it is important to have a partner that can best identify and provide solutions for new requirements as they arise. "We have a broad commitment to establish cybersecurity at the heart of everything we do," Wagner said. "We believe that close collaboration with industry and government is essential to helping modernize and secure the critical assets upon which the American people rely."