by Marian Bodunrin
2:30 min read
When properly implemented, Control #6 can bring an organization’s security program to a higher level of maturity. Maintaining, monitoring and analyzing audit logs helps gain visibility into the actual workings of an environment. Also, with proper implementation, the control can help detect, understand or recover from an attack.
Despite best practices, it is impossible to safeguard a network against every attack. Therefore, when a breach occurs the log data can be crucial for identifying the cause of the breach and help in collecting evidence for use. That is, if the logs were configured properly before the incident occurred.
Deficiencies in security logging and analysis allow attackers to hide their location, malicious codes and activities on victim’s machines. Without protected and complete logging records an organization is blind to the details of an attack which can go on indefinitely and cause significant damage.
To ensure readiness, and effective log maintenance, monitoring, and analysis, the Center for Internet Security (CIS) recommends the following controls:
Maintaining security logs and actively using them to monitor security related activities within the environment is essential, especially during post breach forensic investigation. Therefore, an organization must develop procedures to actively review and analyze logs in real time so that attacks can be detected quickly with appropriate response time. It's one of several best practices for an environment to achieve a safer, better, cybersecurity posture.
CYBER RISK | Strategy
CYBER RISK | Identification
CYBER RISK | Management
CYBER RISK | Monitoring
Product Integration Services
Product Procurement Services
Anchor offers special managed security solutions for small business.
Sign up to receive security news and information.
(NO SPAM and email information kept private)
Anchor Technologies, Inc.
6315 Hillside Court, Suite J
Columbia, MD 21046
Howard County, Maryland, USA
410.295.7601 or toll free: 866.841.0777
© COPYRIGHT 2018. ALL RIGHTS RESERVED.