CONTACT
    US-Seal

    EO Resource Center

    Section 8: Investigation & Remediation

    Section Overview

    Section 8 develops cybersecurity event log requirements across the federal government so that agencies can better detect intrusions, mitigate in-progress attacks, and determine the extent of damage. Agencies and their IT service providers will need to collect and maintain logging data and, when necessary, provide it upon request to federal cybersecurity leadership.

    Eo Section Section-8

    OMB will formulate policies for agencies to establish requirements around:

    1. The types of logs to maintain
    2. The time periods to retain the logs and other relevant data
    3. The time periods to enable recommended logging and security requirements
    4. Protecting logs by cryptographic methods to ensure integrity once collected and periodically verified against the hashes throughout their retention
    Executive Order Sections
    Section 1: Policy
    Section 2: Threat Info-Sharing
    Section 3: Modernization
    Section 4: Software Supply Chain
    Section 5: Cyber Safety Review Board
    Section 6: IR Playbooks
    Section 7: Threat Detection
    Section 8: Investigation & Remediation
    Section 9: National Security Systems
    Section 10: Definitions
    Section 11: General Provisions

    Do you have questions about the Executive Order’s requirements

    Request Information

    There is power in strong partnerships.

    Learn more about our best-in-class solutions for Executive Order Requirements.