A new OMB memorandum (M-26-14), issued May 22, rescinds the 2021 M-21-31 logging directive and replaces it with a risk-based framework requiring federal agencies to maintain robust network visibility for real-time monitoring and post-incident forensics.
The memo explicitly covers systems “operated by third parties on the agency’s behalf,” meaning managed service providers, cloud vendors, and IT operations contractors are likely in scope alongside the agencies themselves.
Key technical demands include collecting logs that capture user identity, network traffic, privilege changes, infrastructure modifications, and attack vectors — with logs remaining actively searchable for 6 months and retrievable for 12 months. A five-level maturity model sets the compliance bar, with agencies required to reach “Advanced” (Level 3) within roughly 10 months after the forthcoming CISA reference architecture is published.
Publication of that architecture, expected by late August at cisa.gov/Logging, will trigger the compliance deadlines. Contractors should assess gaps against the requirements in Appendix B of the memo and proactively engage agency CIOs.
M-26-14: Ensuring Effective and Efficient Agency Logging and Network Visibility to Defend Against Evolving Cyber Threats