{"id":256068,"date":"2026-05-26T13:51:00","date_gmt":"2026-05-26T17:51:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/05\/26\/omb-swaps-biden-era-cyber-memo-for-new-prioritized-logging-tactic\/"},"modified":"2026-05-26T14:05:09","modified_gmt":"2026-05-26T18:05:09","slug":"omb-swaps-biden-era-cyber-memo-for-new-prioritized-logging-tactic","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/05\/26\/omb-swaps-biden-era-cyber-memo-for-new-prioritized-logging-tactic\/","title":{"rendered":"OMB swaps Biden-era cyber memo for new prioritized logging tactic"},"content":{"rendered":"<p><a href=\"https:\/\/fedscoop.com\/omb-swaps-biden-era-cyber-memo-prioritized-logging-tactic\/\">OMB swaps Biden-era cyber memo for new prioritized logging tactic<\/a><\/p>\n<p><a href=\"https:\/\/fedscoop.com\/omb-swaps-biden-era-cyber-memo-prioritized-logging-tactic\/\">https:\/\/fedscoop.com\/omb-swaps-biden-era-cyber-memo-prioritized-logging-tactic\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-05-26 13:51:00<\/a><\/p>\n<p>Source Domain: <a href=\"fedscoop.com\">fedscoop.com<\/a><\/p>\n<p>Federal agencies will shift to a priority and risk-based method of logging cybersecurity events under a Friday memo from the Office of Management and Budget aimed at cutting \u201cred tape\u201d and costs.<\/p>\n<p>The memo from OMB Director Russell Vought rescinds and replaces a previous directive from the Biden administration issued after the 2020 SolarWinds breach that affected both the public and private sectors. While the previous policy \u201cimproved foundational capabilities across agencies,\u201d OMB said the amount of data agencies were required to retain was costly and operationally difficult.\u00a0<\/p>\n<p>In its place, the Trump directive outlines \u201ca risk-based, prioritized logging approach\u201d to logging.<\/p>\n<p>OMB\u2019s policy comes amid concern about the use of artificial intelligence and automation to fuel cyberattacks. That technology can speed up the process of gaining access to a system and help covertly maintain that access for a long time. It\u2019s also increasingly being used by threat actors, the memo said. Event logging is a \u201ckey\u201d aspect of agencies\u2019 ability to mitigate those threats.<\/p>\n<p>\u201cAgencies rely on information from logs to understand activity across their systems, recognize events that require attention, and support the analysis and response actions that protect sensitive data and maintain operations,\u201d OMB said.<\/p>\n<p>Under the policy, agencies are instructed to prioritize two objectives: continuous event monitoring (CEM) and threat hunting, investigation, response and forensics (THIRF). Specifically, CEM refers to capabilities that allow agencies to monitor their networks in real time, and THIRF encompasses each agency\u2019s ability to investigate and analyze network activity.\u00a0<\/p>\n<p>In the next 90 days, the Department of Homeland Security\u2019s Cybersecurity and Infrastructure Security Agency (CISA), in coordination with OMB and the Chief Information Security Officer (CISO) Council, will develop more guidance for agencies. That guidance will be in&#8230;<\/p>\n<p><a href=\"https:\/\/fedscoop.com\/omb-swaps-biden-era-cyber-memo-prioritized-logging-tactic\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>OMB swaps Biden-era cyber memo for new prioritized logging tactic https:\/\/fedscoop.com\/omb-swaps-biden-era-cyber-memo-prioritized-logging-tactic\/ Publish Date: 2026-05-26 13:51:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":256070,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/fedscoop.com\/wp-content\/uploads\/sites\/5\/2025\/01\/GettyImages-2193485018.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[20,30,57],"class_list":["post-256068","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-artificial-intelligence","tag-breach","tag-security"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/256068"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=256068"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/256068\/revisions"}],"predecessor-version":[{"id":256073,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/256068\/revisions\/256073"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/256070"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=256068"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=256068"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=256068"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}