IRS COMPUTER SECURITY CENTER NEEDS IMPROVEMENT

Source: Accounting Today
Posted on April 12, 2012

The office at the Internal Revenue Service that is responsible for monitoring the IRS network for cyberattacks and computer vulnerabilities is generally doing a good job, but still has room for improvement, according to a new government report. The report, by the Treasury Inspector General for Tax Administration, evaluated the effectiveness of the Computer Security Incident Response Center at preventing, detecting, reporting and responding to computer security incidents targeting IRS computers and data.

"TIGTA found that the CSIRC is effectively performing most of its responsibilities for preventing, detecting, and responding to computer security incidents," said TIGTA Inspector General J. Russell George in a statement. "However, further improvements could be made."

TIGTA recommended that the assistant chief information officer of cybersecurity at the IRS direct the CSIRC to develop its Cybersecurity Data Warehouse capability to correlate and reconcile active servers connected to the IRS network with servers monitored by the host-based intrusion detection system. The report also recommended that the IRS revise and expand its memorandum of understanding with the TIGTA Office of Investigations to ensure that all reportable and relevant security incidents are shared with the CSIRC.

George noted that the CSIRC's host-based intrusion detection system is not monitoring 34 percent of IRS servers, which puts the IRS network and data at risk. In addition, the CSIRC is not reporting all computer security incidents to the Department of the Treasury, as required. Finally, incident response policies, plans, and procedures are either nonexistent or are inaccurate and incomplete.
In addition, the cybersecurity chief should collaborate with the TIGTA Office of Investigations to create common identifiers to help the CSIRC reconcile its incident tracking system with the TIGTA Office of Investigations' incident system, the report recommended. The IRS also needs to develop a standalone incident response policy or update the policy in the IRS's Internal Revenue Manual with current and complete information. The report noted that the cybersecurity chief also needs to develop an incident response plan; and develop, update, and formalize all the critical standard operating procedures.

The IRS agreed with the recommendations, and corrective actions are planned or in process for five of the six recommendations. While the IRS agreed with the recommendation to correlate and reconcile active servers connected to the IRS network with servers monitored by the host-based intrusion detection system, its proposed corrective actions did not address TIGTA's recommendation. Specifically, the IRS did not commit to implementing the controls TIGTA recommended.
E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.