The Cyber Safety Review Board Should Investigate Major Historical Incidents
Tarah Wheeler and Adam write in CFRThe Council on Foreign Relations has published an essay by Tarah Wheeler and myself, The Cyber Safety Review Board Should Investigate Major Historical Incidents. It starts:
The U.S. Cyber Safety Review Board (CSRB) was established on February 3, 2022 after the major cyber incident known as SolarWinds. This board was intended to investigate and report on significant cyber incidents, following the example of the U.S. National Transportation Security Board’s ability to build and disseminate a respected shared history of aviation incidents. This newly-established CSRB was to investigate SolarWinds first, but the CSRB has not done so yet, and apparently will not be choosing to do so. The one report issued so far, on the open source Log4shell vulnerabilities, was clear and helpful, but there are much more impactful events that can be investigated to provide a pattern from which history can be established by careful investigation.
Spoiler: I quote Tolkien, not Star Wars.
Image by Midjourney, "A small council meets to review an incident in a well lit room in Rivendell. Cinematic. High fantasy. lord of the rings. --ar 16:9"