CISA Launches Logging Tool for Resource-Poor Organizations
'Logging Made Easy' Provides Organizations With Critical Cybersecurity InsightsThe U.S. Cybersecurity and Infrastructure Security Agency launched a security tool intended to help organizations with limited resources better protect their Windows-based devices and sensitive data.
The security tool, called Logging Made Easy, provides organizations across the public and private sectors with a free open-source log management solution to help proactively monitor threats, conduct retroactive investigations and guide remediation procedures in the event of a cyber incident. CISA announced plans earlier this year to relaunch the service and expand its availability after the tool was originally developed and maintained by the United Kingdom's National Cyber Security Centre.
"One of our goals is to drive the implementation of measurably effective cybersecurity investments which includes providing cybersecurity capabilities and services that fill gaps," Chad Poland, product manager for cyber shared services at CISA, told Information Security Media Group. The tool can assist "target-rich, resource-poor" organizations that maintain valuable data but lack resources to defend against cyberattacks, he said.
The new version of Logging Made Easy is meant to serve as a turnkey log management tool for organizations that previously implemented the service when it was maintained by the U.K.’s National Cyber Security Centre. CISA is also offering the tool to new users seeking an accessible logging tool.
The service provides step-by-step installation instructions and can be integrated into most logging and protective monitoring strategies. It features prebuilt elastic security detection rules to help analysts quickly respond to cyber incidents, as well as coding that can help reduce cost barriers for organizations aiming to implement basic logging and monitoring capabilities.
Lindy Cameron, CEO of the NCSC, announced earlier this year that CISA would begin overseeing the logging service after the tool "undeniably delivered results" and "supported thousands of defenders to keep their networks safe."
CISA Director Jen Easterly said at the time that the new service offering aligns with the agency's focus on providing support to under-resourced organizations which have limited defenses against cybersecurity attacks.
The tool currently only covers Windows-based devices. CISA said it will consider potentially expanding the service to cover additional operating systems in the future.