- Splunk’s Bill Rowan has urged agencies to assess cybersecurity readiness under OMB M-26-14
- New OMB guidance focuses on continuous event monitoring and threat hunting, investigation, response & forensics
- The 2026 FedCiv Summit will examine cybersecurity, AI and other government modernization priorities

Bill Rowan, vice president of public sector at Splunk, said federal agencies and enterprises should assess their cybersecurity readiness as the Office of Management and Budget implements a new memorandum directing agencies to adopt a risk-based logging framework to counter evolving cyberthreats.

As agencies implement new cybersecurity visibility and logging requirements under a new OMB memo, government and industry leaders continue to evaluate the technologies, strategies and partnerships needed to strengthen cyber resilience. Attend the 2026 FedCiv Summit and join experts as they discuss artificial intelligence adoption, cloud and data infrastructure, cybersecurity, workforce modernization, procurement and collaboration across government and industry. Save your seat now for the Oct. 29 event!

What Are the Recommended Steps to Prepare for New OMB Guidance?
In a blog post published Monday, Rowan, a four-time Wash100 awardee, outlined steps agencies and other organizations should take to align with the OMB Memorandum M-26-14 and strengthen their ability to detect, investigate and respond to cyberthreats.
According to Rowan, organizations should begin with a gap analysis to compare current logging capabilities against the 11 baseline requirements identified in OMB’s updated guidance.
He also recommended evaluating storage strategies to support the future Logging Reference Architecture, or LRA, standard referenced in the memo.
Rowan said agencies and enterprises should prioritize automation as threat actors increasingly use automated tools and AI to accelerate attacks. He noted that AI-driven detection capabilities can help reduce alert fatigue and allow security teams to focus on proactive threat hunting.
The Splunk executive also encouraged organizations to work with cybersecurity experts to assess their environments against emerging standards and develop long-term resilience plans.
In a recent blog post, Rowan explained how AI and unified visibility could help public and private sector organizations mitigate risk, accelerate response and strengthen cybersecurity resilience.

What Does the New OMB Memo Say?
In May, OMB issued Memorandum M-26-14 to establish updated requirements for agency logging and network visibility.
The memorandum centers on two objectives: continuous event monitoring, or CEM, which focuses on real-time monitoring and detection of suspicious activity, and threat hunting, investigation, response and forensics, or THIRF, which supports post-compromise analysis and recovery.
The guidance also introduces a revised five-level maturity model and aligns with the Cybersecurity and Infrastructure Security Agency’s planned LRA.

How Does Splunk Support the OMB Memo’s Objectives?
Rowan said Splunk’s security and observability platform is designed to support the CEM and THIRF objectives outlined in the updated OMB guidance.
He highlighted data management capabilities available through the Splunk Data Management Suite, including Ingest Actions, Ingest Processor and Edge Processor, which allow administrators to manage data routing and prioritize selected data sources.
Rowan also pointed to analytics and automation capabilities such as Exposure Analytics, Risk-based Alerting, User and Entity Behavior Analytics, AI Toolkit and Splunk SOAR. He noted that Splunk SmartStore and Federated Search could support searchable and retrievable data retention requirements, while the Splunk Cloud Platform provides support for log encryption and hashing.
Splunk has also continued to expand its federal cybersecurity ecosystem. The company recently expanded its partnership with General Dynamics Information Technology to deliver AI-powered cybersecurity offerings to federal agency customers.
Rowan added that Splunk and its parent company Cisco offer capabilities designed to support zero trust implementation across network, identity, application and device environments.


