DHS establishes the nation’s first Cyber Safety Review Board

DHS building with the crest on the front of it
(Image credit: Shutterstock)

The US Department of Homeland Security (DHS) has announced the creation of the nation’s first-ever Cyber Safety Review Board (CSRB).

The move follows President Biden's Executive Order 14028, which aims to improve cyber security in the country.

The CSRB, led by 15 eminent cyber security experts from the federal government and the private sector, will help evaluate critical cyber security incidents as a means of assisting the government, industry, and broader security communities in protecting the nation's networks and infrastructure.

The board will focus its initial review on the vulnerabilities found in the widely used Log4j software library in late 2021. According to the White House and DHS, Log4j's examination will generate a wealth of cyber security lessons.

CSRB’s first report will also include recommendations for improving cyber security and incident response operations based on the findings from Log4j’s vulnerability study, in addition to suggestions for countering any existing vulnerabilities and threats.

The secretary of Homeland Security Alejandro Mayorkas said: “The Biden-Harris Administration has taken bold steps to meaningfully improve our cybersecurity resilience.”

RELATED RESOURCE

Vulnerability and patch management

Keep known vulnerabilities out of your IT infrastructure

FREE DOWNLOAD

“At the President’s direction, DHS is establishing the Cyber Safety Review Board to thoroughly assess past events, ask the hard questions, and drive improvements across the private and public sectors. I look forward to reviewing the Board’s recommendations regarding how we can better protect communities across our country as DHS works to build a more secure digital future,” added Mayorkas.

Furthermore, the CSRB will serve as a distinct forum for government and private sector leaders to communicate their strategic recommendations to the President and Secretary of Homeland Security.

Advice, information, or recommendations from the CSRB will be made publicly available in most instances, although appropriate redactions may be made, consistent with applicable law and the need to protect sensitive information.

“When a major cyber incident occurs, it impacts all of us,” said CSRB deputy chair Heather Adkins.

“The CSRB is a ground-breaking opportunity to conduct holistic reviews and provide forward-thinking solutions that cut across organizations and sectors. I am honored to serve with this diverse array of talent from both private companies and the U.S. government as we launch this inaugural review.”