From Volume To Value: OMB New Cyber Memo Reshapes Federal Logging Requirements
Reshaping Federal Logging Requirements
As of late May, 2026, logging requirements for federal agencies will shift from a volume-driven mindset to a risk-based logging approach. The previous logging requirements published in 2021 via OMB Memo M-21-31 have been rescinded with the publication of OMB’s latest memo M-26-14, calling the logging of cyber incidents across federal agencies to include both Continuous Event Monitoring (CEM) and Threat Hunting, Investigation, Response and Forensics (THIRF). These two objectives are shifting the focus to real time visibility for agencies and SOC-Driven detection alerting, along with enhancing post-incident analysis and forensic reconstruction.
Federal agencies can’t meet CEM and THIRF objectives without tools that enable speed, correlation and intelligence, shifting system needs more toward SIEM, SOC and logging tool solutions from vendors and partners.
Logging Reference Architecture (LRA)
According to OMB, within 90 days of the memo’s publication, the Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the Federal Chief Information Security Officer (CISO) Council, must develop a Logging Reference Architecture (LRA). The LRA will serve as a government-wide blueprint to help agencies meet the two new logging objectives: Centralized Event Management (CEM), or an effort to move from many disconnected logs to a unified view of security activity and Threat Hunting and Incident Response Forensics (THIRF); what happens after suspicious activity is detected.
The development of the LRA is further expected to also accelerate broader discussions around Security Operations Center (SOC) centralization, alignment with the federal Zero Trust Maturity Model and the integration of AI-enabled cybersecurity capabilities. These efforts support federal agencies’ long-term cybersecurity modernization strategy. IT vendors and partners that can clearly demonstrate how their solutions support these priorities and objectives will be better positioned to compete in the federal market.
Agency Challenges
There are several challenges agencies may face in the coming year when implementing these new requirements. First, federal agencies have 90 days after the LRA is published to submit their detailed logging implementation plans to OMB and CISA. This plan must outline the steps the agency plans to take to reach at least the minimum requirements established by the LRA to achieve the CEM and THIRF objectives. Next, measuring maturity will be an essential component in new systems. The new memo provides a maturity model to guide and measure agency implementation of logging requirements, and defines a set of benchmarks for corresponding levels. Agencies will report on progress through these levels. It evaluates asset visibility, log coverage, alert quality, retention and log protection. Lastly, in the event of a cyber incident compromise, agencies shall provide all relevant information (logs) to CISA and the FBI in a format and timeline provided by CISA.
LRA Implications for Vendors and Partners
The LRA will act as a reference document for agencies when evaluating and deciding which IT solution technologies to use. It will directly affect procurement language, focusing now on CEM, THIRF, Logging maturity levels, SOC visibility, instead of broad storing and retention. Once the LRA is published, agencies will be looking for vendors and partners that will already be offering solutions that understand and align with CEM and THIRF objectives. IT companies will want to emphasize their better detection, and operational resilience of solutions, showcasing an understanding of the LRA and market shifts, in addition to maturity model progression and Zero Trust visibility requirements.
Where Opportunities Will Emerge
With these changes, there will soon be a shift in solution demand to systems that prioritize outcome-driven SIEM and analytics, SOC enablement tools and cost-effective storage strategies. There is likely also to be growing opportunities for Security Orchestration, Automation, and Response (SOAR), Extended Detection and Response (XDR) solutions.
Agencies will continue to require AI-enabled analytics, including proactive behavior analytics and AI-enhanced threat detection. Foundational to all of this is the need for strong data management and cloud storage optimization, ensuring that large volumes of centralized log data can be retained, protected and efficiently accessed without excessive cost or performance trade-offs.
IT companies that position their solutions with these new demands and align with the upcoming LRA guidelines will be in the right spot to meet new federal agency needs and stay competitive in the dynamic cybersecurity market.
To get more TD SYNNEX Public Sector Market Insight content, please visit our Market Intelligence microsite.
About the Author:
Jennifer Miller is an intern on the TD SYNNEX Public Sector Market Intelligence team covering trends across the federal market.
Related Blog Posts
Federal Government, Market Intelligence, State & Local Government, Technology
On May 7, 2026, the FEMA Review Council released its final report recommending a substantial shift in how disaster preparedness, response and recovery are managed nationwide.
Yvonne Maffia
Federal Government, Market Intelligence, State & Local Government, Technology
On May 7, 2026, the FEMA Review Council released its final report recommending a substantial shift in how disaster preparedness, response and recovery are managed nationwide.
Yvonne Maffia
AI, Cybersecurity, Data, Market Intelligence, State & Local Government
As we approach Sled Fiscal Year End (SFYE), SLED agencies are balancing budgets in a constrained environment, addressing rising constituent expectations, tackling growing cybersecurity challenges and supporting accelerated AI adoption.For industry, this confluence of factors creates both complexity and opportunity. In today’s environment, success in SLED comes down to connecting IT investments to clear and measurable ROI in operational efficiency, modernization, resilience and cost savings.
Yvonne Maffia
AI, Cybersecurity, Data, Market Intelligence, State & Local Government
As we approach Sled Fiscal Year End (SFYE), SLED agencies are balancing budgets in a constrained environment, addressing rising constituent expectations, tackling growing cybersecurity challenges and supporting accelerated AI adoption.For industry, this confluence of factors creates both complexity and opportunity. In today’s environment, success in SLED comes down to connecting IT investments to clear and measurable ROI in operational efficiency, modernization, resilience and cost savings.
Yvonne Maffia
Cybersecurity, Education, Federal Government, Healthcare, Market Intelligence, State & Local Government, Technology
At this year’s Red, White and You conference, our market intelligence team detailed the ins and outs of what we’re seeing across the public sector. Throughout the sessions, one theme became clear: while success in the public sector market used to rely heavily on institutional knowledge and long-standing relationships, agency buying cycles, and slower opportunity development, the market this year looks different. It’s faster, calling for more efficiency, innovation and cost-optimization.
Susanna Patten
Cybersecurity, Education, Federal Government, Healthcare, Market Intelligence, State & Local Government, Technology
At this year’s Red, White and You conference, our market intelligence team detailed the ins and outs of what we’re seeing across the public sector. Throughout the sessions, one theme became clear: while success in the public sector market used to rely heavily on institutional knowledge and long-standing relationships, agency buying cycles, and slower opportunity development, the market this year looks different. It’s faster, calling for more efficiency, innovation and cost-optimization.
Susanna Patten
Cybersecurity, Education, Federal Government, Healthcare, Market Intelligence, State & Local Government, Technology
At this year’s Red, White and You conference, our market intelligence team detailed the ins and outs of what we’re seeing across the public sector. Throughout the sessions, one theme became clear: while success in the public sector market used to rely heavily on institutional knowledge and long-standing relationships, agency buying cycles, and slower opportunity development, the market this year looks different. It’s faster, calling for more efficiency, innovation and cost-optimization.
Susanna Patten
Cybersecurity, Data & Storage, Federal Government, Market Intelligence
More than 15 years ago, the DoW formally elevated cyber pursuits to the same strategic level as sea, land, air and space. This acknowledgement shifted cybersecurity from risk management to a national defense need, underscoring the importance of protecting the DoW’s defense infrastructure and networks. Defense cybersecurity challenges have since evolved into a multi-domain conflict, particularly with China and Russia - both aiming to infiltrate digital assets.
Toan Le
Cybersecurity, Data & Storage, Federal Government, Market Intelligence
More than 15 years ago, the DoW formally elevated cyber pursuits to the same strategic level as sea, land, air and space. This acknowledgement shifted cybersecurity from risk management to a national defense need, underscoring the importance of protecting the DoW’s defense infrastructure and networks. Defense cybersecurity challenges have since evolved into a multi-domain conflict, particularly with China and Russia - both aiming to infiltrate digital assets.
Toan Le
Cybersecurity, Data & Storage, Federal Government, Market Intelligence
More than 15 years ago, the DoW formally elevated cyber pursuits to the same strategic level as sea, land, air and space. This acknowledgement shifted cybersecurity from risk management to a national defense need, underscoring the importance of protecting the DoW’s defense infrastructure and networks. Defense cybersecurity challenges have since evolved into a multi-domain conflict, particularly with China and Russia - both aiming to infiltrate digital assets.
Toan Le
Cloud, Cybersecurity, Federal Fiscal Year End, Market Intelligence, Technology
The FY27 federal budget request was released on April 3rd, and is providing an initial look at the momentum and impact IT investments will have in the coming years.The Department of War’s unprecedented $1.5T request underscores attention on national security and pushing towards next-generation warfighting capabilities, while across the whole of government, there is expected to be a continued mandate to drive efficiency, consolidate systems and align technology investments with administration priorities.
Nikki Hamlin
Cloud, Cybersecurity, Federal Fiscal Year End, Market Intelligence, Technology
The FY27 federal budget request was released on April 3rd, and is providing an initial look at the momentum and impact IT investments will have in the coming years.The Department of War’s unprecedented $1.5T request underscores attention on national security and pushing towards next-generation warfighting capabilities, while across the whole of government, there is expected to be a continued mandate to drive efficiency, consolidate systems and align technology investments with administration priorities.
Nikki Hamlin
Cloud, Cybersecurity, Federal Fiscal Year End, Market Intelligence, Technology
The FY27 federal budget request was released on April 3rd, and is providing an initial look at the momentum and impact IT investments will have in the coming years.The Department of War’s unprecedented $1.5T request underscores attention on national security and pushing towards next-generation warfighting capabilities, while across the whole of government, there is expected to be a continued mandate to drive efficiency, consolidate systems and align technology investments with administration priorities.
Nikki Hamlin
IT Infrastructure, Market Intelligence, Technology
On a typical day in 2024, the Defense Health Agency (DHA) reported the military health system (MHS) encountered 164,000 patients and 205,000 procedures across military hospitals and medical clinics globally. Assuming this pace continues throughout the fiscal year, MHS is estimated to have managed 60 million occurrences in FY25. The sheer volume of data generated across the MHS is immense. Optimizing this data is critical for clinicians and healthcare providers to support the health and readiness of service members.
Toan Le
IT Infrastructure, Market Intelligence, Technology
On a typical day in 2024, the Defense Health Agency (DHA) reported the military health system (MHS) encountered 164,000 patients and 205,000 procedures across military hospitals and medical clinics globally. Assuming this pace continues throughout the fiscal year, MHS is estimated to have managed 60 million occurrences in FY25. The sheer volume of data generated across the MHS is immense. Optimizing this data is critical for clinicians and healthcare providers to support the health and readiness of service members.
Toan Le
AI, IT Infrastructure, Market Intelligence, Technology, Transportation
In June 2025, Texas signed the Responsible Artificial Intelligence Governance Act into law, outlining statutory requirements for the state’s use of AI. In response to this, the Texas Department of Transportation (TxDOT) released an updated Artificial Intelligence Strategic Plan in January 2026.
Austin Gardner
AI, IT Infrastructure, Market Intelligence, Technology, Transportation
In June 2025, Texas signed the Responsible Artificial Intelligence Governance Act into law, outlining statutory requirements for the state’s use of AI. In response to this, the Texas Department of Transportation (TxDOT) released an updated Artificial Intelligence Strategic Plan in January 2026.
Austin Gardner
Market Intelligence, Technology
The Air Force (DAF) has been aggressively pushing for the modernization of its networks, legacy systems, and software; in line with these efforts is an equally robust acquisition overhaul designed to speed up procurement of everything it buys, from weapon systems to cloud services and digital applications. For IT companies, this shift is creating new opportunities but also means new expectations, greater competition, and challenges.
Toan Le
Market Intelligence, Technology
The Air Force (DAF) has been aggressively pushing for the modernization of its networks, legacy systems, and software; in line with these efforts is an equally robust acquisition overhaul designed to speed up procurement of everything it buys, from weapon systems to cloud services and digital applications. For IT companies, this shift is creating new opportunities but also means new expectations, greater competition, and challenges.
Toan Le
Federal Government, IT Infrastructure, Market Intelligence, Technology
In mid-March, AFCEA NOVA hosted the Naval IT Day in Chantilly, Virginia with the core message on how Navy and Marine Corps digital priorities are enabling the naval force. The message was clear, IT is not just a necessary function, it is a mission-critical warfighting capability.
Nikki Hamlin
Federal Government, IT Infrastructure, Market Intelligence, Technology
In mid-March, AFCEA NOVA hosted the Naval IT Day in Chantilly, Virginia with the core message on how Navy and Marine Corps digital priorities are enabling the naval force. The message was clear, IT is not just a necessary function, it is a mission-critical warfighting capability.
Nikki Hamlin
Cybersecurity, Market Intelligence, Technology
In early March, the White House released the National Cybersecurity Strategy, outlining a six-pillar framework designed to guide federal cyber policy, investment, and operational priorities over the coming years.
Nikki Hamlin
Cybersecurity, Market Intelligence, Technology
In early March, the White House released the National Cybersecurity Strategy, outlining a six-pillar framework designed to guide federal cyber policy, investment, and operational priorities over the coming years.
Nikki Hamlin
Cybersecurity, Market Intelligence, Technology
In early March, the White House released the National Cybersecurity Strategy, outlining a six-pillar framework designed to guide federal cyber policy, investment, and operational priorities over the coming years.
Nikki Hamlin
Cybersecurity, IT Infrastructure, Market Intelligence, State & Local Government, Technology
During this year’s Smart Cities Connect Conference and Expo in Raleigh, NC, one topic garnered considerable attention: AI. Within many city governments, AI is past experimentation and has moved into production. In 2026, city IT leaders are prioritizing safe, secure, and data-driven AI deployments that deliver measurable outcomes in mobility, public safety, infrastructure management, and climate resilience.However, as cities move toward operational AI, challenges exist around data readiness, governance, and integration across departments.
Yvonne Maffia
Cybersecurity, IT Infrastructure, Market Intelligence, State & Local Government, Technology
During this year’s Smart Cities Connect Conference and Expo in Raleigh, NC, one topic garnered considerable attention: AI. Within many city governments, AI is past experimentation and has moved into production. In 2026, city IT leaders are prioritizing safe, secure, and data-driven AI deployments that deliver measurable outcomes in mobility, public safety, infrastructure management, and climate resilience.However, as cities move toward operational AI, challenges exist around data readiness, governance, and integration across departments.
Yvonne Maffia
Cybersecurity, IT Infrastructure, Market Intelligence, State & Local Government, Technology
During this year’s Smart Cities Connect Conference and Expo in Raleigh, NC, one topic garnered considerable attention: AI. Within many city governments, AI is past experimentation and has moved into production. In 2026, city IT leaders are prioritizing safe, secure, and data-driven AI deployments that deliver measurable outcomes in mobility, public safety, infrastructure management, and climate resilience.However, as cities move toward operational AI, challenges exist around data readiness, governance, and integration across departments.
Yvonne Maffia
AI, Education, Market Intelligence, State & Local Government, Technology
In 2023, California Governor Gavin Newsom signed Executive Order N-12-23, directing state government institutions to utilize AI. These state entities are now beginning to move from the theoretical planning phase into the deployment phase with concrete plans.
Austin Gardner
AI, Education, Market Intelligence, State & Local Government, Technology
In 2023, California Governor Gavin Newsom signed Executive Order N-12-23, directing state government institutions to utilize AI. These state entities are now beginning to move from the theoretical planning phase into the deployment phase with concrete plans.
Austin Gardner
AI, Cybersecurity, Education, Market Intelligence, State & Local Government
This year’s Beyond the Beltway conference highlighted key strategic findings from IT leaders that signal where 2026 technology investments will be made and where to focus efforts for success. In 2026, state and local governments are at an inflection point: with rising expectations evolving alongside tightening budgets, staffing and timelines, success will depend on alignment of solutions to modernization requirements, workforce challenges and measurable ROI-driven outcomes.
Yvonne Maffia
AI, Cybersecurity, Education, Market Intelligence, State & Local Government
This year’s Beyond the Beltway conference highlighted key strategic findings from IT leaders that signal where 2026 technology investments will be made and where to focus efforts for success. In 2026, state and local governments are at an inflection point: with rising expectations evolving alongside tightening budgets, staffing and timelines, success will depend on alignment of solutions to modernization requirements, workforce challenges and measurable ROI-driven outcomes.
Yvonne Maffia
Cybersecurity, Federal Government, Infrastructure, Market Intelligence, Technology
The Golden Fleet, a US Navy initiative introduced by the administration in December of 2025, aims to revitalize the US shipbuilding industry, develop and sustain a new class of naval fleet and change how it does business to rapidly address maritime threats, particularly from China, in the Indo-Pacific region. The first frigate is planned for full operation in 2028.
Toan Le
Cybersecurity, Federal Government, Infrastructure, Market Intelligence, Technology
The Golden Fleet, a US Navy initiative introduced by the administration in December of 2025, aims to revitalize the US shipbuilding industry, develop and sustain a new class of naval fleet and change how it does business to rapidly address maritime threats, particularly from China, in the Indo-Pacific region. The first frigate is planned for full operation in 2028.
Toan Le
Cybersecurity, Federal Government, Infrastructure, Market Intelligence, Technology
The Golden Fleet, a US Navy initiative introduced by the administration in December of 2025, aims to revitalize the US shipbuilding industry, develop and sustain a new class of naval fleet and change how it does business to rapidly address maritime threats, particularly from China, in the Indo-Pacific region. The first frigate is planned for full operation in 2028.
Toan Le
Federal Government, Market Intelligence
One-Year Money (e.g., O&M, MILPERS)Funds must be obligated during the fiscal year in which they were appropriated. If O&M is appropriated for FY26, it must be obligated by September 30, 2026. After that, it expires for new obligations. This drives the well-known fourth quarter execution surge.
Lloyd McCoy
Federal Government, Market Intelligence, Technology
If you’ve been part of the defense industrial base (DIB) or are looking to support the DoW, it should come as no surprise that AI is now seeing actionable impact in day-to-day operations. Strategically, AI is essential in warfighting decision-making, analyzing data and enhancing operational logistics. The Army in particular has started incorporating AI solutions across a number of elements outlined below, on the heels of several new strategy announcements and initiatives.
Toan Le
Federal Government, Market Intelligence, Technology
If you’ve been part of the defense industrial base (DIB) or are looking to support the DoW, it should come as no surprise that AI is now seeing actionable impact in day-to-day operations. Strategically, AI is essential in warfighting decision-making, analyzing data and enhancing operational logistics. The Army in particular has started incorporating AI solutions across a number of elements outlined below, on the heels of several new strategy announcements and initiatives.
Toan Le
Cybersecurity, IT Perspective, Market Intelligence, Technology
In early February, Chief of Naval Operations Admiral Daryl Caudle unveiled the details of the US Navy’s 2026 Hedge Strategy. As the Navy is facing a great power competition, rapid technological change and strain on the defense industrial base, it is critical to adapt an innovative operational and strategic approach to maintain adversarial advantage. The strategy shifts away from dominance by mass towards a risk-balanced operational approach that has asymmetric, combat-ready capability. In other words, they are “hedging their bets” on more tailored capabilities and nimble operations.
Nikki Hamlin
Cybersecurity, IT Perspective, Market Intelligence, Technology
In early February, Chief of Naval Operations Admiral Daryl Caudle unveiled the details of the US Navy’s 2026 Hedge Strategy. As the Navy is facing a great power competition, rapid technological change and strain on the defense industrial base, it is critical to adapt an innovative operational and strategic approach to maintain adversarial advantage. The strategy shifts away from dominance by mass towards a risk-balanced operational approach that has asymmetric, combat-ready capability. In other words, they are “hedging their bets” on more tailored capabilities and nimble operations.
Nikki Hamlin
Cybersecurity, IT Perspective, Market Intelligence, Technology
In early February, Chief of Naval Operations Admiral Daryl Caudle unveiled the details of the US Navy’s 2026 Hedge Strategy. As the Navy is facing a great power competition, rapid technological change and strain on the defense industrial base, it is critical to adapt an innovative operational and strategic approach to maintain adversarial advantage. The strategy shifts away from dominance by mass towards a risk-balanced operational approach that has asymmetric, combat-ready capability. In other words, they are “hedging their bets” on more tailored capabilities and nimble operations.
Nikki Hamlin
Federal Government, Market Intelligence, News, Technology
At WEST this year, Department of the Navy leaders signaled a clear shift in modernization priorities: the debate is no longer about adopting emerging technology or drafting strategy documents. Instead, we’re seeing operational speed, how quickly the Navy can field capability, integrate systems and make decisions, become the objective. Across sessions on shipbuilding, acquisition transformation, AI, Zero Trust and maritime force design, the recurring theme was speed matters most.
Susanna Patten
Federal Government, Market Intelligence, News, Technology
At WEST this year, Department of the Navy leaders signaled a clear shift in modernization priorities: the debate is no longer about adopting emerging technology or drafting strategy documents. Instead, we’re seeing operational speed, how quickly the Navy can field capability, integrate systems and make decisions, become the objective. Across sessions on shipbuilding, acquisition transformation, AI, Zero Trust and maritime force design, the recurring theme was speed matters most.
Susanna Patten
AI, Market Intelligence
Over the last year, the Army has been undergoing significant transformation under the Army Transformation Initiative and the larger Pentagon reorganization efforts. This includes the more recent decision to change from Program Executive Offices (PEO) to Portfolio Acquisition Executives (PAEs) to have tighter alignment across missions, the Chief Information Office (CIO), contracting and functional owners. This reorganization will help reduce siloed IT modernization, speed up decision-making and better align acquisition with operational outcomes.
Nikki Hamlin
Market Intelligence
Public sector agencies update their priorities, budgets and technology needs every fiscal year. For IT vendors and resellers, keeping pace with these changes is essential to identifying funded opportunities and positioning solutions effectively. To make that easier, we have opened access to our Market Intelligence Hub, a single destination where you can find detailed research and analysis designed to support your growth in the government market.
Susanna Patten
AI, Data & Storage, Education, Market Intelligence, Students Around The World, Technology
The 2026 FETC Conference took place in Orlando, Florida this year, where K-12 education leaders highlighted how budgets, technology trends, requirements and opportunities are intersecting and how alignment is key to success.
Yvonne Maffia
AI, Data & Storage, Education, Market Intelligence, Students Around The World, Technology
The 2026 FETC Conference took place in Orlando, Florida this year, where K-12 education leaders highlighted how budgets, technology trends, requirements and opportunities are intersecting and how alignment is key to success.
Yvonne Maffia
AI, Data & Storage, Education, Market Intelligence, Students Around The World, Technology
The 2026 FETC Conference took place in Orlando, Florida this year, where K-12 education leaders highlighted how budgets, technology trends, requirements and opportunities are intersecting and how alignment is key to success.
Yvonne Maffia
Federal Government, Market Intelligence, Technology
Aging infrastructure, outdated hardware and overall modernization needs have been a mission-critical challenge for the DoD. It’s not just about IT headaches; there are real obstacles to modernization for the Department. Let’s look at what’s driving the urgency to update in multiple ways and how IT companies can position themselves to help modernize the nation’s defense backbone.
Toan Le
Federal Government, Market Intelligence, Technology
Aging infrastructure, outdated hardware and overall modernization needs have been a mission-critical challenge for the DoD. It’s not just about IT headaches; there are real obstacles to modernization for the Department. Let’s look at what’s driving the urgency to update in multiple ways and how IT companies can position themselves to help modernize the nation’s defense backbone.
Toan Le
AI, Data, Market Intelligence, State & Local Government
This week, the National Association of State Chief Information Officers (NASCIO) released it annual State CIO Top Ten Policy and Technology Priorities list for 2026, signaling where state technology leaders are focusing their efforts, and limited resources, in the new year. This year’s list is reflective of the current policy, priority, and funding shifts that have affected SLED agencies most, coupled with the apparent drive towards innovation and modernization.
Yvonne Maffia