23: CMMC and Logging Capabilities, The Why and How

This episode addresses one topic taken from our top ten list of most common failed practices from the CMMC & DIBCAC High assessments.  Logging plays a major role in protecting an organization's CUI and FCI because it detects malicious activity. This episode highlights logging best practices, learned by Redspin, the first Authorized CMMC C3PAO. Rob and Thomas talk through your logging options (to perform them manually, or use a new/existing SIEM?), what your program needs to include to meet requirements, and what ...

This episode addresses one topic taken from our top ten list of most common failed practices from the CMMC & DIBCAC High assessments. 

Logging plays a major role in protecting an organization's CUI and FCI because it detects malicious activity. This episode highlights logging best practices, learned by Redspin, the first Authorized CMMC C3PAO. Rob and Thomas talk through your logging options (to perform them manually, or use a new/existing SIEM?), what your program needs to include to meet requirements, and what evidence you need to be prepared to provide during an assessment. 

Subscribe to CyberSpin: Apple iTunes, Spotify, Stitcher, or your preferred podcast platform. New episodes are released every other week and a transcript of each episode can be found at redspin.com.

Do you have a question, topic, or idea you’d like us to address on this podcast? Send us an email podcast@redspin.com and we will do our best to cover it in our upcoming episodes!