Internal Revenue Service Advances Cyber Data Logging Efforts
Rick Therrien, the Internal Revenue Service’s director of cybersecurity operations, said “tremendous progress” has been made in gathering data needed to gain visibility into potential network threats.
The IRS’ enhancements to cyber incident logging are part of an Office of Management and Budget directive, Federal News Network reported Thursday.
Speaking at an American Council for Technology-Industry Advisory Council webinar earlier in November, Therrien noted that data has been acquired from legacy and modern systems, including those in the cloud.
Therrien’s agency aims to automate cybersecurity response playbooks by combining logging data with security orchestration, automation and response technology.
In September, a Department of the Treasury watchdog reported gaps in the IRS’ user audit logging for the Cyber Security Assessment and Management application. The Treasury Department Inspector General for Tax Administration recommended that the agency ensure the weekly review of CSAM audit logs and the documentation of findings.
A separate audit by TIGTA found that the IRS has made progress in implementing zero trust.
Tags: audit data log cybersecurity cybersecurity response playbook Department of the Treasury Federal News Network Internal Revenue Service Rick Therrien