Heudecker wrote that the EO has resulted in the development of the Office of Management and Budget’s event log management maturity model, which he said calls for properly formatted timestamps in event logs.
He noted that implementing a “cohesive data format” could help improve sharing of data between agencies and the Cybersecurity and Infrastructure Security Agency and enable users to better understand data logs.
“The ability to route data to many places amplifies the value that can be derived from that data — for insight into current security events, for future research and for regulatory compliance,” Heudecker wrote.
He discussed cloud security and the need for agencies to advance collaboration between cloud security and operations teams and incorporate multicloud security capabilities without impeding the work of application developers.
Agencies should consider adopting a cloud security posture management platform and third-party virtual appliances, among other technologies, to help reduce the burden of maintaining security for employees, according to Heudecker.
He also called on agencies to train employees on security capabilities and multiple cloud platforms amid evolving cyberthreat landscape.
PDW is acquiring Vanteon to expand tactical communications capabilities The acquisition will bring expertise in RF systems, software-defined radios and…
CISA is planning a $100 million cyber operations contract supporting threat-hunting missions The requirement will provide technical and operational support…
Valiant Solutions is expanding its cybersecurity portfolio through the acquisition of BreakPoint Labs The acquisition will bring operational technology security,…
