Yes, Obamacare added more duties to the IRS, but any business or government agency that has data storage, sensitive data and data connected to money transfers is negligent if it fails to properly secure that data.
You can’t look at the overall budget needs and pull money from cybersecurity if that means lessening security fixes and updates. His testimony indicates the IRS did just that.
“You can’t look at the overall budget needs and pull money from cybersecurity if that means lessening security fixes and updates. His testimony indicates the IRS did just that.”
They all do that. I own a small IT security company. Business won’t spend money on security because its the “right” thing to do. They won’t do it to protect Grandmas money or healthcare. They will only do it if the government forces them or the penalty for a breach is incredibly severe. Even then many of them will gamble that the breach won’t happen on their watch.
Been there done that.
We’ve also done business with the government. With a few exceptions they are worse. I’ve seen them eliminate all security funding on contracts.
There is a reason most of us have had our data stolen multiple times.