Dive Brief:
- Four Democratic senators are urging the Department of Homeland Security to reconstitute its Cyber Safety Review Board, citing a pressing need to investigate significant cyberattacks.
- Senate Intelligence Committee ranking member Mark Warner (D-Va.) and Sens. Ron Wyden (D-Ore.), Richard Blumenthal (D-Conn.) and Elissa Slotkin (D-Mich.) wrote to DHS Secretary Kristi Noem that her dismissal of the board’s members in January “has undermined cyber defense preparations for public and private entities across the United States.”
- The dispute over the CSRB highlights how the Trump administration’s actions have sowed concern and confusion throughout the cybersecurity community.
Dive Insight:
The Biden administration created the CSRB to produce detailed, actionable reports on major cyberattacks, drawing lessons from the role that the National Transportation Safety Board has played in accident investigations.
The CSRB, composed of senior government officials and prominent cyber-industry executives, was in the middle of investigating China’s “Salt Typhoon” breach of U.S. telecom companies when the Trump administration abruptly fired its members on Jan. 20, effectively shuttering the board.
While some lawmakers and experts have questioned the CSRB’s structure — including its inability to compel witness testimony and recusal policies when investigations involve board members’ employers — the cyber community has overwhelmingly supported the board’s existence.
The CSRB’s “comprehensive and incredibly fact-intensive investigations have provided invaluable transparency and lessons for the wider software and IT sectors,” the senators told Noem, referencing the board’s reports on China’s intrusions into Microsoft Exchange Online and Russia’s supply-chain attack against SolarWinds and its customers.
The lack of a CSRB report on Salt Typhoon “is depriving the public of a fuller accounting of the origin, scope, scale, and severity of these compromises,” the lawmakers wrote. “It is essential that the U.S. develop a complete and thorough understanding of the factors that contributed to the success of these intrusions — including clear root-cause analyses of each successful penetration — and present key recommendations for the telecommunications sector to better protect itself against similarly complex and large-scale compromises by future threat actors.”
Policymakers and security specialists say Chinese government-backed hacking operations are among the most serious threats facing the U.S., and concerns about these attacks have mounted as Trump has stoked a trade war with Beijing. The lawmakers’ CSRB letter reflects simmering anxieties within the digital security community about the continuing implications of the board’s closure.
“You have had more than four months to reestablish this Board to conduct this critical work,” the senators told Noem. “DHS leadership and CISA must work together to immediately reinstate the Board as a crucial part of America’s cyber defense infrastructure.”
DHS did not respond to a request for comment about the letter, but Deputy Secretary Troy Edgar told senators during his confirmation hearing in February that the department planned to reconstitute the CSRB “at the right time.” A top cyber-focused House Republican lawmaker has asked DHS to review the CSRB’s activities.
Some former CSRB members want a new board to be structured differently. Dmitri Alperovitch, chairman of Silverado Policy Accelerator, said at the RSAC Conference in April that the CSRB should be an independent entity with members who work for it full-time.
