CYBERSECURITYDHS Launches Cyber Safety Review Board

Published 3 February 2022

On Thursday, 3 February 2022, the U.S. Department of Homeland Security (DHS) announced the establishment of the Cyber Safety Review Board (CSRB). DHS says that the CSRB is an unprecedented public-private initiative that will bring together government and industry leaders to elevate our nation’s cybersecurity.

On Thursday, 3 February 2022, the U.S. Department of Homeland Security (DHS) announced the establishment of the Cyber Safety Review Board (CSRB), as directed in President Biden’s Executive Order 14028 on Improving the Nation’s Cybersecurity. DHS says that the CSRB is an unprecedented public-private initiative that will bring together government and industry leaders to elevate our nation’s cybersecurity.

Secretary of Homeland Security Alejandro N. Mayorkas said: “At the President’s direction, DHS is establishing the Cyber Safety Review Board to thoroughly assess past events, ask the hard questions, and drive improvements across the private and public sectors. I look forward to reviewing the Board’s recommendations regarding how we can better protect communities across our country as DHS works to build a more secure digital future.”

The CSRB will review and assess significant cybersecurity events so that government, industry, and the broader security community can better protect our nation’s networks and infrastructure. The CSRB’s first review will focus on the vulnerabilities discovered in late 2021 in the widely used log4j software library. These vulnerabilities, which are being exploited by a growing set of threat actors, present an urgent challenge to network defenders. As one of the most serious vulnerabilities discovered in recent years, its examination will generate many lessons learned for the cybersecurity community. Together, the White House and DHS determined that focusing on this vulnerability and its associated remediation process was the most important first use of the CSRB’s expertise.

The CSRB will provide a unique forum for collaboration between government and private sector leaders who will deliver strategic recommendations to the President and the Secretary of Homeland Security. The CSRB is composed of 15 highly esteemed cybersecurity leaders from the federal government and the private sector. Robert Silvers, DHS Under Secretary for Policy, will serve as Chair and Heather Adkins, Google’s Senior Director for Security Engineering, will serve as Deputy Chair. DHS’s Cybersecurity and Infrastructure Security Agency (CISA) will manage, support, and fund the Board with CISA Director Jen Easterly responsible for appointing CSRB members, in consultation with the DHS Under Secretary for Policy Rob Silvers, and for convening the Board following significant cybersecurity events.