The Trump administration has disbanded members of the Cybersecurity and Infrastructure Security Agency’s (CISA) Cyber Safety Review Board (CSRB). This board, established in February 2022 as a public-private initiative, was tasked with assessing significant cybersecurity incidents and offering recommendations to enhance cybersecurity and incident response practices.
The decision highlights the Trump administration’s focus on reducing resource misuse and aligning DHS activities with national security priorities, as stated in a memo signed by acting Secretary of Homeland Security Benjamine Huffman.
Comprised of experts from both the public and private sectors, the CSRB produces reports and recommendations on significant cybersecurity events. The board is presently examining the Salt Typhoon hacks, involving Chinese-linked attackers who infiltrated the networks of at least nine telecommunications companies.
In its brief existence, the CSRB issued several high-profile reports. In 2022, it analyzed vulnerabilities tied to the Apache Log4j library, identifying the Log4Shell flaw as a persistent weakness likely to affect organizations for years. The board also reviewed mitigation efforts surrounding the flaw.
In July 2023, the CSRB released a critical report faulting Microsoft for a series of preventable errors that allowed the China-based nation-state group Storm-0558 to exploit its infrastructure and breach dozens of organizations.
Just a month later, in August 2023, the board investigated cyber intrusions by the LAPSUS$ cybercrime group, highlighting its effectiveness, speed, creativity, and ability to use a variety of techniques.
In addition to the CSRB, other advisory bodies that have been disbanded include the Artificial Intelligence Safety and Security Board, the Critical Infrastructure Partnership Advisory Council, the National Security Telecommunications Advisory Committee, the National Infrastructure Advisory Council, and the USSS Cyber Investigations Advisory Board. The future structure and roles of these advisory committees remain unclear.