TLDR:
- The Cyber Safety Review Board (CSRB) needs more robust authorities and increased independence from the private sector to improve its investigations into major cybersecurity incidents.
- The CSRB lacks the ability to subpoena organizations involved in cybersecurity events and also lacks full-time staff not connected to private firms.
- Experts have criticized the CSRB for conducting “consensus-based resolutions” that lack substance and not yet probing the SolarWinds supply chain attack of 2020.
Cybersecurity experts have highlighted the gaps in the Department of Homeland Security’s Cyber Safety Review Board (CSRB) and have called for stronger authorities and increased independence from the private sector to enhance its investigations into major cybersecurity incidents. The CSRB, which was designed to resemble the National Transportation Safety Board, has faced limitations in its effectiveness due to its inability to subpoena organizations involved in cybersecurity events and its lack of full-time staff not connected to private firms.
Tarah Wheeler, CEO of Red Queen Dynamics, expressed the need for the CSRB to have more robust authorities and called for increased independence from the private sector. Wheeler noted that the CSRB’s investigations into the Lapsus$ cybercrime operation and Log4j vulnerability were merely “consensus-based resolutions” that lacked substance.
Tracy Herr, Director of the Atlantic Council Cyber Statecraft Initiative, echoed these sentiments and also criticized the CSRB for not yet probing the SolarWinds supply chain attack of 2020, despite its severity. Herr emphasized the importance of increased transparency in the selection of the CSRB’s members.
Overall, experts are calling for changes to improve the effectiveness of the CSRB in investigating major cybersecurity incidents. These changes include granting the CSRB the authority to subpoena organizations, ensuring full-time staff not connected to private firms, and increasing transparency in member selection. By addressing these gaps, the CSRB can play a more significant role in safeguarding critical infrastructure from cyber threats.