Advertisement

Federal CISO hails improving federal agency log management

Chris DeRusha says improved incident logging is helping to strengthen cybersecurity cooperation between departments and urges further progress.
FEB 23, 2023 -- Federal CISO Chris DeRusha speaking at the Zero Trust Summit, hosted by CyberScoop at the International Spy Museum. (Image credit: Pixelme Studio)

Progress made by federal agencies with log management is helping to strengthen cybersecurity collaboration between government departments, according to the federal chief information security officer.

Speaking Thursday at the Zero Trust Summit, hosted by CyberScoop, Chris DeRusha noted that the White House had seen significant advances over agencies’ approach to sharing systems data and urged further progress.

He said: “We need this folks, we need it. Because if we can’t know what’s happening in these networks, we can’t know how the bad guys move around. We can’t know when they’re gone.”

DeRusha added: “I’m excited … I know it’s a hard one. But you know what else it’s doing? It’s helping us with centralization. It’s moving the ball forward because it’s forcing around specific things, specific projects to get all the federated components to be working together towards the common goal of getting them data in one place, so we ourselves together.”

Advertisement

Logging, log retention and log management requirements for federal government agencies were included in section eight of the May 2021 Cybersecurity Executive Order issued by the Biden administration in the wake of the SolarWinds attack.

The guidance, contained within the EO, focused on ensuring centralized access and visibility for the highest-level enterprise security operations center of each federal agency, and was followed by a memorandum instructing agencies to increase the sharing of relevant information.

The White House in that memo included a maturity model for event log management intended to guide agencies’ implementation of its requirements across four event logging (EL) tiers: not effective, basic, intermediate, and advanced.

Speaking at the event, DeRusha said he understood the costs associated with log management, and that over time the White House will continue to fine tune logging requirements for agencies. 

John Hewitt Jones

Written by John Hewitt Jones

John is the managing editor of FedScoop, and was previously a reporter at Institutional Investor in New York City. He has a master’s degree in social policy from the London School of Economics and his writing has appeared in The Scotsman and The Sunday Times of London newspapers.

Latest Podcasts