DHS Cyber Safety Review Board to Analyze Cloud Environment Vulnerabilities

The Department of Homeland Security’s Cyber Safety Review Board will conduct a review of the vulnerabilities facing cloud computing environments.

CSRB’s third review will assess the recent Microsoft Exchange Online intrusion and review issues like cloud-based identity and authentication infrastructure and other problems facing cloud service providers. The CSRB will also provide recommendations on how government agencies, the private industry and CSPs can strengthen identity management and authentication.

Once completed, copies of the report will be sent to President Joe Biden through Homeland Security Security Alejandro Mayorkas and Cybersecurity and Infrastructure Security Agency Director Jen Easterly, the Department of Homeland Security said.

The announcement comes after CSRB released the report of its second review on Thursday, which examined cyber operations by the Lapsus$ hacking group. The second review found that Lapsus$ has been using a wide range of techniques to evade security tools and gain access to companies and their propriety data.

CSRB’s first review in the series, initiated in 2022, investigated the risks posed by Log4j open-source software library vulnerabilities. CSRB also provided appropriate responses to Log4j vulnerabilities.