October 4, 2022
The United States is the #1 target for cybersecurity attacks in the world. 38% of targeted cybersecurity attacks so far in 2022 were aimed at United States data and systems.[1] That’s alarming. And we see it in the news almost every day. SolarWinds, Colonial Pipeline, the Pulse Secure VPN zero-day… There’s an increasing number of threats and attacks, to the tune of 15.1% year over year.[2]
The public sector also relies heavily on private sector vendors. Many of the vendors that federal agencies leverage to route, process, and analyze security and observability data are the same ones enterprises use, like SentinelOne, CrowdStrike, and Splunk. This presents a challenge for a couple of reasons. First of all, the goal of an enterprise is to solve problems for customers and ultimately to make money, and getting that paper isn’t always in the best interest of the American public. And secondly, vendor lock-in starts to look a LOT scarier when it’s agencies of your federal government experiencing that lack of flexibility. Cyber attacks are getting more complex, and it’s happening fast. What if an agency needs to switch vendors to properly secure the nation?
On top of all that, agencies deal with all the same data pains that everyone else does, including a deluge of data and tool sprawl.[3]
The Biden Administration’s answer to these data challenges is Executive Order 14028. EO 14028 emphasizes cybersecurity as a national priority and mandates federal agencies to adapt to today’s continuously changing threat environment. As follow-on guidance to the Executive Order, the Office of Management and Budget (OMB) issued several memorandums meant to give guidance around how exactly we go about improving the nation’s cybersecurity. M-21-31 lays out a maturity model for logging, M-22-01 has guidance on endpoint detection and response (EDR) best practices, M-22-09 mandates a zero trust model for agencies, M-22-16 walks through zero trust architecture (ZTA) implementation and IT modernization, and the newest memo, M-22-18, walks through secure software development practices for the supply chain.
Federal agencies are being asked to do a lot as it relates to cybersecurity, and they’re being asked to do those things by a certain date. It’s incredibly stressful, and stress often gives way to misconceptions. In this blog post, I’ll touch on 3 common misconceptions about EO 14028: Improving the Nation’s Cybersecurity.
Most people think an executive order comes down out of the sky, lands on a CISO’s desk, and then those agencies have to scramble to comply. That’s simply not true. I’ve spent many hours talking to agency CISOs and CIOs (some of them oversee multiple agencies), and one of the things I kept hearing from them was this: They had already been looking to do what the Executive Order was mandating.
“Of course I want to move to a zero trust model. I’ve been transitioning our agencies for over a year.”
“One of my agencies prefers to build their own tools, and another one always buys. I need data to flow seamlessly between them.”
“I want and need to retain more data for longer, and I’m trying to. I’m just not sure how to get it done cost effectively.”
So what actually is happening is agency CISOs and CIOs have been working to improve their cybersecurity practices for quite some time; it’s just more important now than ever.
That last quote above is super telling and highlights a real pain point that I see not only in Fed, but in SLED and at many enterprises. How do I strike that perfect balance between cost, flexibility, and control? It can seem impossible.
The fact of the matter is that not having a data pipelining engine, not having a centralized control plane, is expensive. Data volumes are constantly going up year after year, which makes it difficult to manage all that data, and it’s often not in the most cost-effective destinations. Introducing an observability pipeline into your environment (even for security data) will streamline operations and actually save you time and money moving forward.
We’ve all been there. You want to bring a shiny new tool or software into your organization, and you’re confident it will solve all your problems and help you meet your mission or business goals. And what happens next?
That’s right. Enter the dissenters.
“Did you look at Tool B? It costs way less.” –Economic Buyer
“We’ve already got a tool that does this. Why do we need something new?” –Guy that brought Tool That Does This™ to the organization
“I need the software to do this. Does it? Are you sure?” –Threat Analyst #703
At first, it can feel like you’ll never get it done. I want to clear up this misconception as well. When it comes to this Executive Order, you have to remember the title of it: Improving the Nation’s Cybersecurity. People can always argue with you about which tool you want to buy. They cannot argue that we don’t need to improve our nation’s cybersecurity. Sell the mission, not the tool.
In summary, sometimes it seems like executive orders and memorandums just appear out of thin air, and agency CISOs and CIOs get left scrambling to comply. While they still have to follow EO directives and memo guidance, rather than simply reacting to them, executive orders and memorandums can be a proactive tool for agency leaders to push their data initiatives forward.
That said, there are a few misconceptions about the timeline and how exactly to get that done. I hope I’ve cleared those up for you in this post. If you’re interested in continuing the conversation and learning 3 tricks on how to flip the script as you work to comply with Executive Order 14028, check out our on-demand webinar: Jedi Mind Tricks and The Executive Order.