Cyber Safety Review Board (CSRB)
The Cyber Safety Review Board was established pursuant to President Biden's Executive Order (EO) 14028 on 'Improving the Nation's Cybersecurity'. The Board serves a deliberative function to review and assess significant cyber incidents and make concrete recommendations that would drive improvements within the private and public sectors. The Board's construction is a unique and valuable collaboration of government and private sector members and provides a direct path to the Secretary of Homeland Security and the President to ensure the recommendations are addressed and implemented, as appropriate. As a uniquely constituted advisory body, the Board will focus on learning lessons and sharing them with those that need them to enable advances in national cybersecurity.
About the CSRB
CSRB Charter
Learn more about the CSRB.
CSRB Members
Learn more about the members who make up the CSRB.
Announcement
On August 10, 2023, DHS released the latest report from the Cyber Safety Review Board (CSRB) on its Review Of The Attacks Associated with Lapsus$ And Related Threat Groups. The report addresses recent attacks associated with Lapsus$, a global extortion-focused hacker group.
Review Of The Attacks Associated with Lapsus$ And Related Threat Groups Report
Download the Review Of The Attacks Associated with Lapsus$ And Related Threat Groups Report.
Review Of The Attacks Associated with Lapsus$ And Related Threat Groups Executive Summary
Download the Review Of The Attacks Associated with Lapsus$ And Related Threat Groups Executive Summary.
Additional Resources
Executive Order on Improving the Nation's Cybersecurity
Read the Executive Order which established the Cyber Safety Review Board (CSRB).
CSRB Review of the December 2021 Log4j Event
Download the CSRB's comprehensive review of the Log4j vulnerability.
CSRB Log4j Key Findings and Recommendations Summary
The discovery of the Log4j vulnerability led to key findings and actionable recommendations.
Cyber Safety Review Board Report on Inaugural Proceedings
Download the Cyber Safety Review Board Report on Inaugural Proceedings.
DHS Legislative Proposal CSRB
Download the DHS Legislative Proposal CSRB.
News and Media
CSRB to Conduct Review on Cloud Security
The Department of Homeland Security announced that the Cyber Safety Review Board (CSRB) will conduct its next review on the malicious targeting of the cloud computing environments.
CSRB Releases Report of its Review of Lapsus$
The Department of Homeland Security (DHS) released the Cyber Safety Review Board's (CSRB) report concluding the review surrounding the activities of Global Extortion-Focused Hacker Group Lapsus$.
CSRB to Conduct Second Review on Lapsus$
The Department of Homeland Security (DHS) declared that the CSRB will review the cyber attacks attributed with Lapsus$.
CSRB Releases Report of its Review into Log4j Vulnerabilities and Response
The Department of Homeland Security (DHS) issued the CSRB first report, which includes findings and suggestions for government and private industry.
DHS Launches First-Ever CSRB
The announcement of the establishment of the CSRB, pursuant to President Biden’s Executive Order on Improving the Nation’s Cybersecurity.
Contact
Information Requests
To request additional information on the CSRB, please email CyberSafetyReviewBoard@cisa.dhs.gov.