LogRhythm Protective Monitoring Compliance Package Meets Monitoring, Reporting and Investigation Requirements of GPG13

Enables public sector organisations to save time and money while proactively securing and monitoring ICT resources

Maidenhead, 14 April 2010 - LogRhythm, the company that makes log data useful, has developed a Protective Monitoring: GPG 13 compliance package, which contains pre-built reports, alarms and investigations, bundled into LogRhythm’s award-winning log management and SIEM 2.0 solution. Designed to support the monitoring, reporting and investigation requirements of the CESG’s Good Practice Guide 13 (GPG13), LogRhythm enables public sector organisations to take a proactive approach to securing and monitoring HMG ICT resources, while saving time and money in the process. All public sector organisations are impacted by GPG13 and the 12 Protective Monitoring Controls (PMC) which help make up the guidelines. The PMCs describe specific organisational requirements for monitoring, including that information systems must be monitored in real time and that investigations, reports and alarm rules facilitate immediate analysis and notification of conditions that are impacting an enterprise.

As such, log and event management is a fundamental component of an effective Protective Monitoring strategy.

Protective Monitoring for HMG ICT Systems: GPG 13 provides a framework for treating risks to systems. LogRhythm’s automated log management solution includes mechanisms for collecting ICT log information and configuring ICT logs to provide an audit trail of security-relevant events of interest, in line with GPG13 guidelines.

LogRhythm’s inbuilt information classification schema simplifies the task of interpreting detailed technical information into logical business and compliance language, so LogRhythm’s time to value is extremely rapid. Enterprise assets defined within the scope of the Protective Monitoring compliance mandate are categorised by control type, and these devices are eligible for inclusion in the report framework. Report scans can be generated as needed by the GPG13 Compliance Officer (SIRO) and scheduled to run at pre-determined intervals.

Ross Brewer, vice president and managing director, LogRhythm EMEA and APAC, comments:

“Securing systems by greater visibility and insight into system and user behaviour is now an intrinsic requirement of every organisation’s IT policy - particularly in light of the pending £500,000 penalties for data controllers who contravene data protection policies. However, for public sector organisations who are already tackling various compliance initiatives with stretched resources, GPG13 may be perceived as an unwelcome tick in the box requirement. By adopting an automated approach to Protective Monitoring, organisations will not only have greater hold over network security, but can control the cost of demonstrating compliance elsewhere and reduce the complexity of managing the heterogeneous IT infrastructures that are typical of public sector organisations.”

About LogRhythm

LogRhythm is a world leader in NextGen SIEM, empowering organizations on six continents to successfully reduce risk by rapidly detecting, responding to and neutralizing damaging cyberthreats. The LogRhythm platform combines user and entity behavior analytics (UEBA), network traffic and behavior analytics (NTBA) and security automation & orchestration (SAO) in a single end-to-end solution. LogRhythm’s Threat Lifecycle Management (TLM) workflow serves as the foundation for the AI-enabled Security Operations Center (SOC), helping customers measurably secure their cloud, physical and virtual infrastructures for both IT and OT environments. Built for security professionals by security professionals, the LogRhythm platform has won many accolades, including being positioned as a Leader in Gartner’s SIEM Magic Quadrant.