Congress urged to formalize Cyber Safety Review Board

Congress is being pushed by the U.S. Department of Homeland Security to pass legislation that would formalize the Cyber Safety Review Board, which has been created by President Joe Biden in an executive order last year to investigate and issue recommendations on major cybersecurity events beginning with the Log4j vulnerability, reports The Record, a news site by cybersecurity firm Recorded Future. Aside from formally authorizing funding for the CSRB, the bill sought by the DHS would give the board subpoena powers to organizations impacted by cyberattacks, said DHS Undersecretary for Strategy, Policy, and Plans Rob Silvers at the RSA 2023 Conference. Such a legislative proposal has already been approved by the board on April 24. "[W]e think Congress should put its stamp on it and also give us a foundation for more resources, further building out the staff," Silvers said. Meanwhile, Google Vice President of Security Engineering and CSRB Co-Chair Heather Adkins noted that the CSRB has already modified its operations following its investigation of the Log4 flaw but is still looking to obtain more information from the community to better serve its purpose.