OMB revamps cyber event logging requirements
OMB revamps cyber event logging requirements
https://federalnewsnetwork.com/cybersecurity/2026/05/omb-revamps-cyber-event-logging-requirements/
Publish Date: 2026-05-25 14:49:00
Source Domain: federalnewsnetwork.com
Agencies should take a more risk-based approach to logging cybersecurity data. Agency chief information security officers have to submit to the Cybersecurity and Infrastructure Security Agency and the Office of Management and Budget an updated logging plan that focuses on two specific areas: continuous event monitoring (CEM) and threat hunting, investigation, response and forensics (THIRF).
A new memo from OMB Director Russ Vought rescinds previous logging requirements and establishes a new set of expectations that “minimizes red tape” and contains cost.
“In 2021, OMB issued Memorandum M-21-31 , Improving the Federal Government ‘s Investigative and Remediation Capabilities Related to Cybersecurity Incidents, to raise logging baselines and enhance agencies’ knowledge of events occurring in their systems. Implementation of that memorandum improved foundational capabilities across agencies,” Vought wrote in OMB’s latest memo released Friday. “However, some requirements, such as the retention of vast quantities of logging data without clear utility, proved neither operationally feasible nor cost-effective for most agencies. To address these inefficiencies and the evolving cyber threat environment, this memorandum directs agencies to employ a risk-based, prioritized logging approach.”
OMB added cyber event logging as a requirement for agency CISOs after the SolarWinds incident, saying at the time increased visibility before, during and after a cybersecurity incident, especially through cloud service providers environments and other third-parties is invaluable in the detection, investigation and remediation of cyber threat.
]]
But over time, the amount of data collected by these logging tools became expensive to maintain and required new and advanced tools with artificial intelligence and machine learning capabilities to understand and act on this data.
The Government…
