The White House and Department of Homeland Security announced the creation of a 15-person Cyber Safety Review Board.
The Department of Homeland Security announced the creation of a new Cyber Safety Review Board that will bring together cybersecurity experts from public and private organizations to “review and assess significant cybersecurity events.” The board was part of the executive order that President Joe Biden signed last year.
Experts have long urged the federal government to create an organization for cybersecurity incidents akin to the National Transportation Safety Board, which investigates airplane crashes and transportation incidents. Homeland Security Secretary Alejandro Mayorkas said the board will “thoroughly assess past events, ask the hard questions, and drive improvements across the private and public sectors.”
DHS said the board will start its first work on issues related to Log4J because vulnerabilities associated with the software library “are being exploited by a growing set of threat actors” and “present an urgent challenge to network defenders.”
“As one of the most serious vulnerabilities discovered in recent years, its examination will generate many lessons learned for the cybersecurity community. Together, the White House and DHS determined that focusing on this vulnerability and its associated remediation process was the most important first use of the CSRB’s expertise,” DHS explained.
When asked by ZDNet why the board was working on Log4J before examining the range of issues connected to the SolarWinds scandal, a DHS spokesperson said the federal government and private sector have conducted “various reviews” of the compromise over the past year and decided the best use of the Cyber Safety Review Board’s expertise is to focus its initial review on the vulnerabilities in the Log4J software library and associated remediation processes. They noted that the Log4J software library is used widely, is relatively easy to exploit and could cause significant impact on a network.
The DHS spokesperson said the board’s review and recommendations “will take into consideration existing findings and recommendations related to the activities that prompted the December 2020 Cyber Unified Coordination Group (i.e., ‘the SolarWinds incident’) to include any elements related to the existence and exploitation of vulnerabilities or the response to the events.”