Some experts are concerned that the dismissal of the Cyber Safety Review Board removes a critical security blanket and cancels a report that could have been valuable to cybersecurity leaders.
The administration of US President Donald Trump has dismissed all members of its Cyber Safety Review Board (CSRB), including those investigating the China-linked hacking group Salt Typhoon. Other groups affected by a general clear-out include the AI Safety and Security Board and the National Security Telecommunications Advisory Committee.
Cybersecurity experts have expressed concern about the move, arguing that US cybersecurity will suffer unless the board or something similar is re-established.
In a short statement, Benjamine Huffman, acting secretary of the Department of Homeland Security (DHS), notified members of all advisory committees within the department that their services were no longer required. The move was framed as part of a plan to clamp down on the “misuse of resources” by rationalising Homeland Security resources and focusing more keenly on national security issues.
“In alignment with the Department of Homeland Security’s commitment to eliminating the misuse of resources and ensuring that DHS activities prioritize our national security, I am directing the termination of all current memberships on advisory committees within DHS, effective immediately,” Huffman said in the statement.
“Future committee activities will be focused solely on advancing our critical mission to protect the homeland and support DHS’s strategic priorities. To outgoing advisory board members, you are welcome to reapply, thank you for your service.”
The CSRB was a creation of the Biden administration
Members of the Cyber Safety Review Board included an array of cybersecurity luminaries, among them former Cybersecurity and Infrastructure Security Agency (CISA) head Chris Krebs, who was dismissed from his leadership role in the organization towards the end of the previous Trump administration. Other members included veteran cybersecurity author, investigator, and CrowdStrike co-founder Dmitri Alperovitch and US security advisor Rob Joyce.
The CSRB was created by an executive order by the Biden administration and tasked with reviewing significant cyber incidents affecting the US federal government.
Both CISA’s advisory panel and the Cyber Safety Review Board, which was investigating Salt Typhoon’s hacks of US telecommunication networks, have been disbanded (at least in their current form). The CSRB previously investigated hacking group Lapsus$ and the high-profile 2023 Microsoft Exchange Online breach.
Dismissing the board removes a ‘security blanket,’ experts say
“[It’s] disappointing that the CSRB was disbanded, especially given their work looking into Salt Typhoon”, Daniel Cuthbert, a security researcher and co-chair of the UK government’s Cyber Security Advisory Board, said in a post on X (formerly Twitter). “That report would have been vitally important for not just the US but many others.”
Brian Fox, co-founder and chief technology officer at technology vendor Sonatype, told CSO that “any change in administration means we’re hitting reset on the national cybersecurity strategy.” Although the CSRB has been disbanded, “it is absolutely critical that work continues to progress at the federal level,” Fox said.
Fox added that CISA has also made progress on multiple fronts with the launch of cyber advisory boards such as the CSRB, maintenance of the National Vulnerability Database, the Secure by Design initiative, the agency’s work to champion SBOM (software bill of materials) adoption, and more.
“CISA’s work, in particular, is a security blanket that we cannot afford to lose,” Fox said. “Though CISA primarily serves to protect federal systems, the agency operates as a guiding voice for the private sector’s cybersecurity workforce.” He expressed concern that without this protection and guidance, “sophisticated state-backed threat actors have a much easier path into the networks of American organizations”.
“Incidents like the Salt Typhoon hacks, which is still ongoing and being investigated by the CSRB, or the Ascension ransomware attack, which resulted in hospitals relying on handwritten notes and unable to provide care, will only become more frequent,” Fox said.