However, some agencies have not met the federal requirements for event logging-i.e., ensuring that cybersecurity incidents are tracked and that these tracking logs are appropriately retained and managed.
Federal agencies rely upon the following for cybersecurity incident response: tools, such as endpoint detection and response solutions; services, such as threat hunting or cyber threat intelligence provided by the Cybersecurity and Infrastructure Security Agency (CISA) and third party firms; and resources, such as skilled staff and funding.
[
add
]
[
|
|
...
]