CISA, Microsoft Provide Federal Agencies New Cloud Logging Capabilities

The Cybersecurity and Infrastructure Security Agency has introduced the Expanded Cloud Log Implementation Playbook, a solution expanding Federal Civilian Executive Branch agencies’s cloud logging capabilities.

CISA has been working with Microsoft, the Office of Management and Budget and the Office of the National Cyber Director over the past six months to ensure agencies can effectively use logs to detect and remediate cyberthreats. The solution complies with the agency’s Secure by Design guidance, requiring technology companies to provide high-quality audit logs to customers at no extra cost.

The new logging capability solution comes after a federal agency discovered suspicious activity in unclassified Microsoft 365 audit logs, CISA .gov reported.

Candice Ling, senior vice president at Microsoft Federal, said the company recognized the importance of having advanced logging capabilities to detect, respond to and prevent sophisticated cyberattacks.

Microsoft has started working with CISA on making security logs available, starting in July 2023. The two organizations are collaborating to ensure federal and commercial customers have expanded access to cloud security logs.