"What the Census Bureau Can Learn From the IRS About Detecting Cyberattacks"

Separate reports from agency watchdogs revealed the difference proper detection control implementation could make in limiting the impact of attempted cyber intrusions. One report highlighted a foiled ransomware attack against the Internal Revenue Service (IRS), and the other covered an internal penetration test of the Census Bureau's resilience. According to a November 23 report, IRS personnel told the Treasury Department's Inspector General for Tax Administration (TIGTA) that their centralized information security hub responded to and neutralized a ransomware attack detected in May. The TIGTA report linked the IRS' successful detection and response to testing procedures incorporated into its policies in accordance with the National Institute of Standards and Technology (NIST) and the US Homeland Security Department's Cybersecurity and Infrastructure Security Agency (CISA) guidelines. Another Commerce Department inspector general report showed how incomplete implementation of similar policies, in this case at the Census Bureau, can produce wildly disparate results. The Census Bureau is required to record and monitor network activity and respond to alerts about potential security incidents, but it failed to do so, according to a November 22 report based on a covert penetration test it conducted from August 2021 to March this year. This article continues to discuss lessons that the Census Bureau can learn from the IRS in regard to detecting cyberattacks.

NextGov reports "What the Census Bureau Can Learn From the IRS About Detecting Cyberattacks"