Ron is working to protect Wisconsin taxpayers from cyber attacks. “The IRS’s refusal to adopt EINSTEIN protections is all the more concerning due to the vast amounts of personally identifiable information that the IRS collects on every American, as well as the IRS’s previous failure to protect this information,” Ron said.
Department of Homeland Security officials told lawmakers that the IRS is “unable or unwilling” to implement legally-required protections against hackers, according to a top Senate Republican.
“DHS recently briefed Committee staff that the IRS is either unable or unwilling to implement the statutorily required mandates,” Sen. Ron Johnson, who chairs the committee on Homeland Security and Government Affairs, wrote in a letter to IRS Commissioner John Koskinen. “According to DHS, the IRS believes, based on other statutes, that IRS is exempt from these statutory requirements.”
Congress required DHS implement a program called EINSTEIN across the federal government, in order to strengthen their ability to “detect and prevent” the cyber attacks afflicting various crucial agencies — including the IRS, which was hacked in 2015 — and private companies in recent years. But the IRS is still not onboard.
“The IRS’s refusal to adopt EINSTEIN protections is all the more concerning due to the vast amounts of personally identifiable information that the IRS collects on every American, as well as the IRS’s previous failure to protect this information,” the Wisconsin Republican wrote Thursday.
The agency maintains it is working to improve their cybersecurity capabilities.
“This remains a priority area even as the IRS budget has declined by $900 million since 2010,” according to the IRS. “As a next step in hardening our network and detecting and preventing malicious traffic, the IRS will put in place Einstein 3 Accelerated (E3A) and is on track to implement before the Dec. 18, 2016, mandated date.”