Cyber Safety Review Board

When it was operating, the Board reviewed and assesses significant cyber incidents and provides findings and recommendations to the United States Secretary of Homeland Security. It was unusual in that was a collaboration between government and the private sector. Executive Order 14028 provides that the Board is composed of up to twenty members, chosen by the Director of the Cybersecurity and Infrastructure Security Agency. Those members must include representatives from various federal agencies, as well as individuals employed by the private sector. == Reports ==

As of 2024, the CSRB has issued three substantive reports. Review of the December 2021 Log4j Event On July 11, 2022, the CSRB published its first report, reviewing the Log4Shell vulnerability and associated incidents. Review of the Attacks Associated with Lapsus$ and Related Threat Groups On July 24, 2023, the CSRB published a report reviewing the Lapsus$ international hacker group. Review of the Summer 2023 Microsoft Exchange Online Intrusion On March 20, 2024, the CSRB published a report detailing how in May 2023, a cyber threat actor classified by Microsoft as STORM-0558 compromised the mailboxes of a broad range of victims in the United States and United Kingdom, including email accounts in the U.S. Department of State, U.S. Department of Commerce, and U.S. House of Representatives. The CSRB reported that STORM-0558 was able to compromise Microsoft's corporate network using unknown means and steal a Microsoft Services Account (MSA) key, which STORM-0558 then used to sign forged authentication tokens granting it access to specific mail accounts. Following the publication of the report, Microsoft CEO Satya Nadalla released a blog post acknowledging the CSRB's report and pledging to prioritize security in the future. == 2024 members ==

At the time of dissolution, the CSRB was composed of 15 cybersecurity leaders from the federal government and the private sector: • Robert Silvers, Under Secretary for Policy, Department of Homeland Security (Chair) • Heather Adkins, Vice President, Security Engineering, Google (Deputy Chair) • Dmitri Alperovitch, Co-Founder and Chairman, Silverado Policy Accelerator and Co-Founder and former CTO of CrowdStrike, Inc. • Leslie Beavers, Acting Chief Information Officer, Department of Defense • Harry Coker, Jr., National Cyber Director, Office of the National Cyber Director • Jerry Davis, Chief Information Security Officer, Software and Digital Platforms, Microsoft • Mike Duffy, Acting Federal Chief Information Security Officer, Office of Management and Budget • Jeff Greene, Executive Assistant Director for Cybersecurity, Cybersecurity and Infrastructure Security Agency • Jamil Jaffer, Venture Partner, Paladin Capital Group and Founder and Executive Director, National Security Institute, GMU Scalia Law School • Rob Joyce, Owner, Joyce Cyber LLC. • Chris Krebs, Chief Intelligence and Public Policy Officer, Sentinel One • David Luber, Director, Cybersecurity Directorate, National Security Agency • Marshall Miller, Principal Associate Deputy Attorney General, Department of Justice • Katie Nickels, Senior Director of Intelligence Operations, Red Canary • Bryan Vorndran, Assistant Director, Cyber Division, Federal Bureau of Investigation == Previous members ==

Private sector CSRB members serve for a term of two years, which may be renewed up to three times. • Chris Inglis, National Cyber Director, Office of the National Cyber Director • Katie Moussouris, Founder and CEO, Luta Security • David Mussington, Executive Assistant Director for Infrastructure Security, Cybersecurity and Infrastructure Security Agency • Chris Novak, Co-Founder and Managing Director, Verizon Threat Research Advisory Center • Tony Sager, Senior Vice President and Chief Evangelist, Center for Internet Security • John Sherman, Chief Information Officer, Department of Defense • Kemba Walden, Assistant General Counsel, Digital Crimes Unit, Microsoft • Wendi Whitmore, Senior Vice President, Unit 42, Palo Alto Networks == References ==