This episode addresses one topic taken from our top ten list of most common failed practices from the CMMC & DIBCAC High assessments.
Logging plays a major role in protecting an organization’s CUI and FCI because it detects malicious activity. This episode highlights logging best practices, learned by Redspin, the first Authorized CMMC C3PAO. Rob and Thomas talk through your logging options (to perform them manually, or use a new/existing SIEM?), what your program needs to include to meet requirements, and what evidence you need to be prepared to provide during an assessment.