The United States Department of Homeland Security (DHS) has announced the first-ever Cyber Safety Review Board (CSRB). The board consists of 15 members who are important names from security, defense, and cybersecurity areas from government and big companies such as Google and Verizon.
The first task is Log4j
The mission of the board is to review and assess important cybersecurity events, such as the worldwide chaos caused by the Log4j vulnerabilities at the end of 2021. This specific example will also be the first cybersecurity event that CSRB will review and report. Those reports are expected to generate many lessons for the cybersecurity community. Board’s first report will be delivered in the summer delivering the information below:
- A review and assessment of vulnerabilities associated with the Log4j software library, to include associated threat activity and known impacts, as well as actions were taken by both the government and the private sector to mitigate the impact of such vulnerabilities
- Recommendations for addressing any ongoing vulnerabilities and threat activity
- Recommendations for improving cybersecurity and incident response practices and policy based on lessons learned from the Log4j vulnerability
The Cyber Security Safety Board will also prepare a public version of the report with the preservation of confidential information. The members of the board are listed below:
- Robert Silvers, Under Secretary for Policy, Department of Homeland Security (CSRB Chair)
- Heather Adkins, Senior Director, Security Engineering, Google (CSRB Deputy Chair)
- Dmitri Alperovitch, Co-Founder and Chairman, Silverado Policy Accelerator; Co-Founder and former CTO, CrowdStrike, Inc.
- John Carlin, Principal Associate Deputy Attorney General, Department of Justice
- Chris DeRusha, Federal Chief Information Security Officer, Office of Management and Budget
- Chris Inglis, National Cyber Director, Office of the National Cyber Director
- Rob Joyce, Director of Cybersecurity, National Security Agency
- Katie Moussouris, Founder and CEO, Luta Security
- David Mussington, Executive Assistant Director for Infrastructure Security, Cybersecurity and Infrastructure Security Agency
- Chris Novak, Co-Founder and Managing Director, Verizon Threat Research Advisory Center
- Tony Sager, Senior Vice President and Chief Evangelist, Center for Internet Security
- John Sherman, Chief Information Officer, Department of Defense
- Bryan Vorndran, Assistant Director, Cyber Division, Federal Bureau of Investigation
- Kemba Walden, Assistant General Counsel, Digital Crimes Unit, Microsoft
- Wendi Whitmore, Senior Vice President, Unit 42, Palo Alto Networks
Alejandro N. Mayorkas, secretary of Homeland Security said;
« The Biden-Harris Administration has taken bold steps to meaningfully improve our cybersecurity resilience. At the President’s direction, DHS is establishing the Cyber Safety Review Board to thoroughly assess past events, ask the hard questions, and drive improvements across the private and public sectors. I look forward to reviewing the Board’s recommendations regarding how we can better protect communities across our country as DHS works to build a more secure digital future »