"When Tech Vendors Make Key Logging Info Available for Free, Everyone Wins"

Eric Goldstein, Executive Assistant Director for Cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), emphasizes that access to key logging data is crucial for quickly mitigating cyber intrusions, such as the recently identified incident affecting a federal agency's Microsoft Exchange Online environment. In this case, the affected agency used available logging data as a resource to detect suspicious activity, enable remediation actions to limit damage, and help Microsoft and CISA teams in identifying and assisting additional victims. Goldstein stresses that requiring organizations to pay more for essential logging leads to insufficient visibility when investigating cybersecurity incidents, which could give adversaries dangerously high levels of success when targeting American organizations. CISA applauds Microsoft's decision to make necessary logs, identified by CISA and its partners as critical to identifying cyberattacks, available to customers without additional cost. This article continues to discuss the importance of logging data in mitigating cyber incidents. 

CISA reports "When Tech Vendors Make Key Logging Info Available for Free, Everyone Wins"