Data breaches targeting Institutions of Higher Education (IHEs) continue to escalate and are particularly challenging for small and under resourced schools. The Cybersecurity and Infrastructure Security Agency (CISA) recently introduced Logging Made Easy, a Windows-based log management and protective monitoring solution that is both free and open to the public with no sign-up required. This tool aims to assist organizations, particularly those with limited resources, in providing a basic level of centralized security logging for Windows clients to detect and combat cyber threats more efficiently.
Logging Made Easy may be useful if your institution
-
Is small with limited resources and needs a centralized logging capability;
-
Does not have a Security Operations Center, Security Information and Event Management solution, or any active monitoring functions currently in place;
-
Has small, isolated networks where your existing corporate monitoring practices cannot reach; or
-
Needs a capability to gather logs and monitor your enterprise’s information technology but lacks resources.
Note: CISA cautions that this tool is still early in development and CISA is not able to comment on or troubleshoot individual installations. It is not a professional tool and should not be used as a security information and event management (SIEM). Federal Student Aid (FSA) is sharing news of the CISA tool’s availability but does not endorse it.
For more information, visit CISA’s Logging Made Easy webpage.
In addition, FSA published guidance 3 Key Strategies: Safeguarding Schools from Cyber Threats to help schools address systemic cybersecurity risk. Along with each recommendation, there are key actions and related resources to help schools build, operate, and maintain resilient cybersecurity programs.
If you suspect you may have been compromised or had a breach, report a breach with the Cybersecurity Intake Form. For any questions regarding the information provided in this announcement or if you want to sign up for FSA’s quarterly Cybersecurity newsletter, please contact FSASchoolCyberSafety@ed.gov.
