DHS Creating Cyber Incident Review Board to Learn from Major Hacks
The Department of Homeland Security plans to announce a new cyber safety review board on Thursday, according to POLITICO (subscription).
Why now: President Biden ordered the creation of the board in May 2021 in response to the increased threat of major cyberattacks.
What the board will do: “The cyber review board will convene after major cyber incidents, when directed by the national security adviser or whenever DHS or the Cybersecurity and Infrastructure Security Agency call for it to do so. After evaluating the relevant cyber incident, the board may ‘develop advice, information or recommendations … for improving cybersecurity and incident response practices and policy,’ which DHS will then provide to the president, according to the document.”
Board breakdown: The board has not yet been named but will include 20 members from federal agencies and private-sector organizations. DHS Under Secretary for Strategy, Policy and Plans Rob Silvers will serve as the board’s inaugural chair.
Transparency: The board will release its findings “whenever possible,” but it is unclear how often that will be given the high classification status given to cybersecurity reports.
First job: President Biden’s executive order gives the board, once established, 90 days to analyze and share its findings on the 2020 SolarWinds cyber espionage campaign.
What we’re saying: “Manufacturers understand that our nation’s economic security is directly tied to cybersecurity,” said NAM Vice President of Infrastructure, Innovation and Human Resources Policy Robyn Boerstling. “Through comprehensive and connected relationships with customers, vendors, suppliers and governments, manufacturers are entrusted with vast amounts of highly sensitive data and intellectual property. The responsibility of securing information, networks, facilities and machinery that support manufacturing is considered a highest priority for our sector. The volume of incidents and intrusions impacting the nation’s critical infrastructure demands action. We’re focused on ensuring manufacturers have access to the tools and support they need so they can continue to deliver on their essential missions.”