News and blog
NXLog main page
  • Products
    NXLog Platform
    Log collection
    Log management and analytics
    Log storage
    NXLog Community Edition
    Integrations
    Professional Services
  • Solutions
    Use cases
    Specific OS support
    SCADA/ICS
    Windows event log
    DNS logging
    MacOS logging
    Solutions by industry
    Financial Services
    Government & Education
    Entertainment & Gambling
    Telecommunications
    Medical & Healthcare
    Military & Defense
    Law Firms & Legal Counsel
    Industrial & Manufacturing
  • Plans
  • Partners
    Find a Reseller
    Partner Program
  • Resources
    Documentation
    Blog
    White papers
    Videos
    Webinars
    Case Studies
    Community Program
    Community Forum
  • About
    Company
    Careers
  • Support
    Support portals
    Contact us

NXLog Platform
Log collection
Log management and analytics
Log storage
NXLog Community Edition
Integrations
Professional Services

Use Cases
Specific OS support
SCADA/ICS
Windows event log
DNS logging
MacOS logging
Solutions by industry
Financial Services
Government & Education
Entertainment & Gambling
Telecommunications
Medical & Healthcare
Military & Defense
Law Firms & Legal Counsel
Industrial & Manufacturing


Find a Reseller
Partner Program

Documentation
Blog
White papers
Videos
Webinars
Case Studies
Community Program
Community Forum

Company
Careers

Support portals
Contact us
Let's Talk Start free
NXLog search
  • Loading...
Let's Talk Start free
September 30, 2022 compliancestrategy

Assertive compliance - using frameworks to extend your coverage

By Jason Carney

Share
ALL SIEM STRATEGY SECURITY ANNOUNCEMENT DEPLOYMENT COMPLIANCE COMPARISON RSS

So, it happened again. You got an internal audit finding or a regulatory notice. Or you just had a nagging feeling and found customer data somewhere it shouldn’t have been. Morale sinks. Are you forced to choose between serving your customers and addressing compliance weaknesses? Nobody said IT Compliance was easy. But don’t sign up to do any more work than is necessary. Use Frameworks to identify the activities, like logging, that demonstrate compliance for multiple domains and get the absolute best coverage without extra work.

Don’t ever accept partial credit

compliance

There’s a dirty secret in the IT Compliance world. At its core, it doesn’t change that much. That’s not to say that there hasn’t been any change. The technology that we use changes all the time. The industries that rely on technology change too. How we go about fulfilling compliance requirements change.

But the core of IT Compliance is mostly fixed around maintaining confidentiality, integrity, and data availability. That was the goal when we were tapping away in RACF on mainframes, CAT at the CLI in Unix or Get-ADUser in PowerShell. It is still the goal whether we are storing credit card data, processing health information, or maintaining source code repos. It is a powerful insight. Once we recognize that the objectives are more or less the same at a high level, we can make some assumptions. An activity that covers “User Access Reviews” for PCI Compliance might also cover it (or its equivalent) for GDPR. So, if you’re ensuring that all your users are appropriately authorized to store PCI data, you’ve got a pretty good start regarding GDPR User Access Reviews too. And for that matter, wherever User Access Reviews are required. Spoiler: They are needed everywhere.

The NIST Cybersecurity Framework: A Rosetta Stone

Everybody knows the story of the Rosetta Stone. Vast bodies of work were written in Egyptian Hieroglyphs, but nobody alive could read them; when someone discovered a stone tablet that contained the same messages in both Greek and Egyptian, the mystery of Hieroglyphs unraveled. “Frameworks” are the Rosetta Stones of IT Compliance. They allow you to relate a compliance requirement to an activity and cross-reference other compliance requirements. Arguably the NIST Cybersecurity Framework is the most prominent. The NIST Cybersecurity Framework was issued by the National Institute of Standards and Technology, an arm of the US Federal Government. It has since become required for all Federal agencies and, by extension, has been adopted by Federal contractors, large service organizations, and technology firms. It is written in plain language, is rationally organized, and is open-source.  We’re big fans of open-source projects. But most importantly, every requirement in the Framework relates to both an activity and its equivalent condition in other standards.

So if we know that a part of our PCI compliance is to send logs to a SIEM for immediate analysis, we can search the NIST Cybersecurity Framework to see where audit logging might fall. We learned then that we are not only PCI compliant (yea!) but also made some headway into CIS’ Critical Security Controls, ISACA’s COBIT5, the International Society of Automation’s 62443 series, the International Standards Organization 27001, and NIST’s SP800-53 series. It should be noted that this extra credit isn’t automatic. You’ll still need to research the associated requirements. But it is a good start, and the chances are good you can re-use your existing activities (with some updates).

Automate the right things and flourish

There’s another secret to uncover here. Increasing compliance coverage isn’t just about tracing your activities to the relevant standards. It is also about choosing the suitable actions to perform to get the best coverage. We might be a little biased, but we think leveraging logging technologies is where you can truly shine in compliance. For example, the NIST Cybersecurity Framework comprises five functional areas. Logging controls impact all five areas and is critical in four of them. So logging is a great place to start if you want to get a compliance issue under control. That means a robust logging strategy can be the difference between an agile and comprehensive compliance posture and one stuck remediating audit findings. The best practice is to look for multi-platform tools that can also add value in different environments. Don’t put yourself in the position of choosing between serving customers and remaining compliant.

NXLog Platform is an on-premises solution for centralized log management with
versatile processing forming the backbone of security monitoring.

With our industry-leading expertise in log collection and agent management, we comprehensively
address your security log-related tasks, including collection, parsing, processing, enrichment, storage, management, and analytics.

Start free Contact us
  • log collection
  • compliance
  • security
  • security risk
  • it security
Share

Facebook Twitter LinkedIn Reddit Mail
Related Posts

How NXLog can help meet compliance mandates
4 minutes | June 1, 2022
Using Raijin Database Engine to aggregate and analyze Windows security events
11 minutes | July 29, 2021
File-based logs? Yes, they’re still being used!
3 minutes | August 25, 2021

Stay connected:

Sign up

Keep up to date with our monthly digest of articles.

By clicking singing up, I agree to the use of my personal data in accordance with NXLog Privacy Policy.

Featured posts

Announcing NXLog Platform 1.6
April 22, 2025
Announcing NXLog Platform 1.5
February 27, 2025
Announcing NXLog Platform 1.4
December 20, 2024
NXLog redefines log management for the digital age
December 19, 2024
2024 and NXLog - a review
December 19, 2024
Announcing NXLog Platform 1.3
October 25, 2024
NXLog redefines the market with the launch of NXLog Platform: a new centralized log management solution
September 24, 2024
Welcome to the future of log management with NXLog Platform
August 28, 2024
Announcing NXLog Enterprise Edition 5.11
June 20, 2024
Raijin announces release of version 2.1
May 31, 2024
Ingesting log data from Debian UFW to Loki and Grafana
May 21, 2024
Announcing NXLog Enterprise Edition 6.3
May 13, 2024
Raijin announces release of version 2.0
March 14, 2024
NXLog Enterprise Edition on Submarines
March 11, 2024
The evolution of event logging: from clay tablets to Taylor Swift
February 6, 2024
Migrate to NXLog Enterprise Edition 6 for our best ever log collection experience
February 2, 2024
Raijin announces release of version 1.5
January 26, 2024
2023 and NXLog - a review
December 22, 2023
Announcing NXLog Enterprise Edition 5.10
December 21, 2023
Raijin announces release of version 1.4
December 12, 2023
Announcing NXLog Enterprise Edition 6.2
December 4, 2023
Announcing NXLog Manager 5.7
November 3, 2023
Announcing NXLog Enterprise Edition 6.1
October 20, 2023
Raijin announces release of version 1.3
October 6, 2023
Upgrading from NXLog Enterprise Edition 5 to NXLog Enterprise Edition 6
September 11, 2023
Announcing NXLog Enterprise Edition 6.0
September 11, 2023
The cybersecurity challenges of modern aviation systems
September 8, 2023
Raijin announces release of version 1.2
August 11, 2023
The Sarbanes-Oxley (SOX) Act and security observability
August 9, 2023
Log Management and PCI DSS 4.0 compliance
August 2, 2023
Detect threats using NXLog and Sigma
July 27, 2023
HIPAA compliance logging requirements
July 19, 2023
Announcing NXLog Enterprise Edition 5.9
June 20, 2023
Industrial cybersecurity - The facts
June 8, 2023
Raijin announces release of version 1.1
May 30, 2023
CISO starter pack - Security Policy
May 2, 2023
Announcing NXLog Enterprise Edition 5.8
April 24, 2023
CISO starter pack - Log collection fundamentals
April 3, 2023
Raijin announces release of version 1.0
March 9, 2023
Avoid vendor lock-in and declare SIEM independence
February 13, 2023
Announcing NXLog Enterprise Edition 5.7
January 20, 2023
NXLog - 2022 in review
December 22, 2022
Need to replace syslog-ng? Changing to NXLog is easier than you think
November 23, 2022
The EU's response to cyberwarfare
November 22, 2022
Looking beyond Cybersecurity Awareness Month
November 8, 2022
GDPR compliance and log data
September 23, 2022
NXLog in an industrial control security context
August 10, 2022
Raijin vs Elasticsearch
August 9, 2022
NXLog provides native support for Google Chronicle
May 11, 2022
Aggregating macOS logs for SIEM systems
February 17, 2022
How a centralized log collection tool can help your SIEM solutions
April 1, 2020

Categories

  • SIEM
  • STRATEGY
  • SECURITY
  • ANNOUNCEMENT
  • DEPLOYMENT
  • COMPLIANCE
  • COMPARISON
logo

Subscribe to our newsletter to get the latest updates, news, and products releases. 

© Copyright 2024 NXLog FZE.

Privacy Policy. General Terms of Use

Follow us

  • Product
  • NXLog Platform 
  • Log collection
  • Log management and analysis
  • Log storage
  • Integration
  • Professional Services
  • Plans
  • Resources
  • Documentation
  • Blog
  • White papers
  • Videos
  • Webinars
  • Case studies
  • Community Program
  • Community forum
  • Support
  • Getting started guide
  • Support portals
  • About NXLog
  • About us
  • Careers
  • Find a reseller
  • Partner program
  • Contact us