DHS Announces New Cybersecurity Review Board
Written & Submitted by: Dr. Keith Morneau, Dean of Computer & Information Science at ECPI University
The U.S. Department of Homeland Security’s Alejandro Mayorkas announced that they would be establishing a new cybersecurity review board (CSRB) on Thursday, February 3, 2022 that would be modeled loosely after the National Transportation Security Board (NTSB).
What is the Cybersecurity Review Board?
The creation of the CSRB stems from President Biden’s May 2021 executive order in response to the SolarWinds and Microsoft cyber-attacks. The Cybersecurity Review Board is newly created and tasked with investigating cybersecurity events and making recommendations on how to address them in the future. This board will be made up of members who are experts in the fields of technology, law, and national security. The goal of this board is to provide more transparency when it comes to cybersecurity issues facing our country.
Who is on the Cybersecurity Review Board?
Rob Silvers, the Department of Homeland Security’s undersecretary for strategy, policy, and plans, will chair the board. He and the director of the Cybersecurity and Infrastructure Agency will appoint up to 20 members that includes representatives from DHS, CISA, NSA, FBI, and also experts in the private sector. These experts need to be more than policy-minded, they must be cybersecurity professionals that deal with these issues every day.
The deputy chair of the board is a representative from the private sector, which is Heather Adkins, Senior Director, Security Engineering, Google (CSRB Deputy Chair).
DHS announced other members other of the CSRB as follows:
- Dmitri Alperovitch, Co-Founder and Chairman, Silverado Policy Accelerator; Co-Founder and former CTO, CrowdStrike, Inc.
- John Carlin, Principal Associate Deputy Attorney General, Department of Justice
- Chris DeRusha, Federal Chief Information Security Officer, Office of Management and Budget
- Chris Inglis, National Cyber Director, Office of the National Cyber Director
- Rob Joyce, Director of Cybersecurity, National Security Agency
- Katie Moussouris, Founder and CEO, Luta Security
- David Mussington, Executive Assistant Director for Infrastructure Security, Cybersecurity and Infrastructure Security Agency
- Chris Novak, Co-Founder and Managing Director, Verizon Threat Research Advisory Center
- Tony Sager, Senior Vice President and Chief Evangelist, Center for Internet Security
- John Sherman, Chief Information Officer, Department of Defense
- Bryan Vorndran, Assistant Director, Cyber Division, Federal Bureau of Investigation
- Kemba Walden, Assistant General Counsel, Digital Crimes Unit, Microsoft
- Wendi Whitmore Senior Vice President, Unit 42, Palo Alto Networks
Critics of the CSRB state that private sector businesses will be unwilling to share sensitive information to really get to the bottom of the security issues. Also, critics wonder how this board will be able to address cybersecurity attacks that happen almost daily. This board would have to work urgently and swiftly and not take months to investigate and publish reports.
Proponents of the CSRB state that businesses need to more accountable to security breaches and reporting those breaches to the public. These events are usually handled in secrecy with little transparency in the process. The hope would be for the CSRB to be able to share best practices to prevent catastrophic cybersecurity events in the future.
First order of business for the CSRB is to investigate the Log4j vulnerability from late 2021 and provide recommendations on how to address ongoing vulnerabilities and threat activities, how to improve the incident response policy and implement best practices on lessons learned from Log4J.
Are You Ready to Start a Cybersecurity Career?
Interested in a career in cybersecurity? Consider enrolling for a Bachelor of Science in Computer and Information Science with a major in Cyber and Network Security at ECPI University. Connect with a knowledgeable admissions representative for more information.
The National Security Agency and the Department of Homeland Security have designated ECPI University as a National Center of Academic Excellence in Cyber Defense Education (CAE-CDE) for the Bachelor of Science in Computer and Information Science: Cyber and Information Security Technology major, Cybersecurity Track through academic year 2023. Designation Letter can be viewed here.
It could be the Best Decision You Ever Make!
DISCLAIMER - ECPI University makes no claim, warranty, or guarantee as to actual employability or earning potential to current, past or future students or graduates of any educational program we offer. The ECPI University website is published for informational purposes only. Every effort is made to ensure the accuracy of information contained on the ECPI.edu domain; however, no warranty of accuracy is made. No contractual rights, either expressed or implied, are created by its content.
For more information about ECPI University or any of our programs click here: http://www.ecpi.edu/.