Logging plays a major role in protecting an organization’s CUI and FCI because it detects malicious activity. In this video, Thomas and Rob discuss logging best practices, learned by Redspin, the first Authorized CMMC C3PAO. Together, they talk through your logging options (to perform them manually, or use a new/existing SIEM?), what your program needs to include to meet requirements, and what evidence you need to be prepared to provide during an assessment.