Nick Heudecker, senior director of market strategy at Cribl, said the 2021 cybersecurity executive order has pushed federal agencies to take a closer look at zero trust, endpoint detection and response, and supply chain security, and to implement a layered security architecture.
Heudecker wrote that the EO has resulted in the development of the Office of Management and Budget’s event log management maturity model, which he said calls for properly formatted timestamps in event logs.
He noted that implementing a “cohesive data format” could help improve sharing of data between agencies and the Cybersecurity and Infrastructure Security Agency and enable users to better understand data logs.
“The ability to route data to many places amplifies the value that can be derived from that data — for insight into current security events, for future research and for regulatory compliance,” Heudecker wrote.
He discussed cloud security and the need for agencies to advance collaboration between cloud security and operations teams and incorporate multicloud security capabilities without impeding the work of application developers.
Agencies should consider adopting a cloud security posture management platform and third-party virtual appliances, among other technologies, to help reduce the burden of maintaining security for employees, according to Heudecker.
He also called on agencies to train employees on security capabilities and multiple cloud platforms amid an evolving cyberthreat landscape.