The DHS is bridging the gap between private companies and government agencies via the newly formed Cyber Safety Review Board (CSRB).
The CSRB will review and assess significant cybersecurity events so that government, industry, and the broader security community can better protect our nation’s networks and infrastructure. The CSRB will share a public version of the report with appropriate redactions for privacy and to preserve confidential information.
DHS says the CSRB will include the following items in a report on the flaws due this summer:
- a review and assessment of vulnerabilities associated with the Log4j software library, to include associated threat activity and known impacts, as well as actions taken by both the government and the private sector to mitigate the impact of such vulnerabilities;
- recommendations for addressing any ongoing vulnerabilities and threat activity; and,
- recommendations for improving cybersecurity and incident response practices and policy based on lessons learned from the Log4j vulnerability.
The CSRB includes 15 highly esteemed cybersecurity leaders from the federal government and the private sector. That includes officials from the National Security Agency, Department of Defense, and FBI as well as executives from Microsoft, Google, and Verizon, among others.
The board states that it can include up to 20 members appointed by the director of the Cybersecurity and Infrastructure Security Agency (CISA).The Board will focus on learning lessons and sharing them with those that need them to enable advances in national cybersecurity.
Detailed information on CSRB available in CISA website.
