DHS Launches First-Ever Cyber Safety Review Board. The 15-member group will focus on significant cybersecurity events and recommend improvements.
The CSRB’s first report, which will be delivered this summer, will include:
- a review and assessment of vulnerabilities associated with the Log4j software library, to include associated threat activity and known impacts, as well as actions taken by both the government and the private sector to mitigate the impact of such vulnerabilities.
- recommendations for addressing any ongoing vulnerabilities and threat activity; and,
- recommendations for improving cybersecurity and incident response practices and policy based on lessons learned from the Log4j vulnerability.
“A continuous learning culture is critical to staying ahead of the increasingly sophisticated cyber threats we face in today’s complex technology landscape. Over two decades in the Army, I learned the importance of a detailed and transparent After Action Review process in unpacking both failures and successes.” said CISA Director Jen Easterly.
<p>I am positive the CSRB will have many references to identities and the unfortunate sloppy way they are created, managed and reviewed in today\’s enterprise. Hackers not only look for vulnerabilities in our infrastructure but also for our dormant, ghost and over-privilege accounts. These are serious vulnerabilities that the hackers exploit by using these account to stay persistent and lateral move across the enterprise seeking valued resources. In addition, they use their knowledge of the enterprise and often execute malware to escalate privileges. A mention of these identity issues surely will be in the CSRB report.</p>
<p>We welcome this initiative. It will be important for the board to consider two major reports published last year (<a href=\"https://www.fiercehealthcare.com/tech/report-shows-patient-data-vulnerable-to-hacks-third-party-aggregators\" target=\"_blank\" rel=\"noopener\" data-saferedirecturl=\"https://www.google.com/url?q=https://www.fiercehealthcare.com/tech/report-shows-patient-data-vulnerable-to-hacks-third-party-aggregators&source=gmail&ust=1644328565123000&usg=AOvVaw3h26CAEmEb7apADWig4REL\">https://www.fiercehealthcare.<wbr />com/tech/report-shows-patient-<wbr />data-vulnerable-to-hacks-<wbr />third-party-aggregators</a>) that found that that no effective shielding solutions were in place in mobile health apps: secrets could be acquired from mobile health apps and used to attack APIs directly.</p>
<p>The research also highlighted well known vulnerabilities found in some APIs and it was possible to use one user\’s (genuine) credentials to access (many) other people\’s PHI data. Effective run-time shielding can eliminate these risks.</p>