Modernizing
Modernizing Federal Cybersecurity (Sec. 3.)
Federal staff are now mandated to modernize their security operations, fortify networks, and apply available expertise to become more informed and prepared for the next cyberattack, specifically by:
- Developing a plan for adoption of zero trust: Splunk’s Zero Trust (ZT) architecture tools combine seamlessly with leading industry partners to offer a comprehensive ZT ecosystem
- Reviewing their cloud adoption plans and resources: Splunk Cloud Platform, FedRAMP authorized at Moderate Impact Level, provides a unified view of all data, making it simple to investigate, monitor, analyze, and act with ease for enhanced security and operational efficiency
Strengthening
Strengthening Government Cybersecurity Detection (Sec. 7.)
The Federal Government shall employ all appropriate resources and authorities to maximize the early detection of cybersecurity vulnerabilities and incidents on its networks.
- Splunk is the data integration platform of choice for DHS’s Continuous Monitoring and Diagnostics (CDM) program, enabling real-time visibility and automated response and reporting to meet agency objectives across all its program phases. Its seamless ingestion and data transformation capabilities help agencies aggregate, report, and share critical security and risk information
Remediating
Improving Investigative and Remediation Capabilities (Sec. 8.)
The Office of Management and Budget’s M-21-31 mandates a maturity model for event log management. At a high level, the memo prescribes an enterprise logging maturity model with 4 levels (EL0-EL3) and then sets deadlines for achieving each level. Each level becomes increasingly sophisticated by requiring more data sources, longer retention, and eventually implementing UBA and SOAR capabilities.
- Watch the on-demand webinar to learn how Splunk can help your organization meet EL 2 Intermediate Tier capabilities required within 18 months
