
Irish Information Security Forum

Best practices for event logging and threat detection

Source: https://www.cyber.gov.au/
Publication Date: 22 Aug 2024

 

The Australian Signals Directorate (ASD) and the Australian Cyber Security Centre (ACSC) have released new guidance, "Best practices for event logging and threat detection", which covers cloud services, enterprise information technology (IT) networks, enterprise mobility and operational technology (OT) networks.

 


 

The advice assumes a basic understanding of event logging and is intended primarily for cyber security practitioners, IT managers, OT operators, network administrators and network operators within medium to large organisations.

 

There are four key factors to consider when pursuing event logging and threat detection best practice:

  • Develop an enterprise-approved logging policy.
  • Centralise log collection and correlation.
  • Maintain log integrity, including through secure log storage.
  • Develop a detection strategy for relevant threats.


This publication has been released in cooperation with the following international partners:

 

  • United States (US) Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the National Security Agency (NSA)
  • United Kingdom (UK) National Cyber Security Centre (NCSC-UK)
  • Canadian Centre for Cyber Security (CCCS)
  • New Zealand National Cyber Security Centre (NCSC-NZ) and Computer Emergency Response Team (CERT NZ)
  • Japan National Center of Incident Readiness and Strategy for Cybersecurity (NISC) and Computer Emergency Response Team Coordination Center (JPCERT/CC)
  • The Republic of Korea National Intelligence Services (NIS) and NIS’s National Cyber Security Center (NCSC-Korea)
  • Singapore Cyber Security Agency (CSA)
  • The Netherlands General Intelligence and Security Service (AIVD) and Military Intelligence and Security Service (MIVD).


To learn more about these key factors, download and read the full publication.


If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the IISF Secretary:

By email:
secretary@iisf.ie

By post:

David Cahill

Information Security

GPO, 1-117
D01 F5P2
