Description

Published guidance on best practices for event logging and cyber threat detection

On 22 August 2024, the Australian Signals Directorate’s Australian Cyber Security Centre, along with partners from the United States, United Kingdom, New Zealand, Japan, Korea, Singapore and the Netherlands, published guidance on best practices for event logging and cyber threat detection for cloud services, enterprise information technology (IT) networks, enterprise mobility and operational technology (OT) networks. Notably, the guidance outlines four key factors to consider when pursuing logging best practices: an enterprise-approved event logging policy, centralised event log access and correlation, secure storage and event log integrity, and a detection strategy for relevant threats.

Scope

Policy Area
Data governance
Policy Instrument
Cybersecurity regulation
Regulated Economic Activity
infrastructure provider: internet and telecom services, infrastructure provider: cloud computing, storage and databases, infrastructure provider: other
Implementation Level
bi- or plurilateral agreement
Government Branch
executive
Government Body
other regulatory body

Complete timeline of this policy change

2024-08-22
adopted

On 22 August 2024, the Australian Signals Directorate’s Australian Cyber Security Centre along with…