×

Get the Best GovCon News Straight to your Inbox

Cybersecurity

Internal Revenue Service Advances Cyber Data Logging Efforts

Cybersecurity response

playbook automation

Internal Revenue Service Advances Cyber Data Logging Efforts

Rick Therrien, the Internal Revenue Service’s director of cybersecurity operations, said “tremendous progress” has been made in gathering data needed to gain visibility into potential network threats.

The IRS’ enhancements to cyber incident logging are part of an Office of Management and Budget directive, Federal News Network reported Thursday.

Speaking at an American Council for Technology-Industry Advisory Council webinar earlier in November, Therrien noted that data has been acquired from legacy and modern systems, including those in the cloud.

Therrien’s agency aims to automate cybersecurity response playbooks by combining logging data with security orchestration, automation and response technology.

In September, a Department of the Treasury watchdog reported gaps in the IRS’ user audit logging for the Cyber Security Assessment and Management application. The Treasury Department Inspector General for Tax Administration recommended that the agency ensure the weekly review of CSAM audit logs and the documentation of findings.

A separate audit by TIGTA found that the IRS has made progress in implementing zero trust.

GovCon Wire Logo

Sign Up Now! Potomac Officers Club provides you with Daily Updates and News Briefings about Cybersecurity

Category: Cybersecurity

Tags: audit data log cybersecurity cybersecurity response playbook Department of the Treasury Federal News Network Internal Revenue Service Rick Therrien