Today in "government agencies creating even more government agencies" news...
The Biden administration has put together a new "panel of senior administration officials and private-sector experts" tasked with looking into national cybersecurity risks, according to a new report from the Wall Street Journal.
We're sure this has led many to ask: "Wait. We weren't doing this already?"
The new group is going to be in charge of looking into the recently discovered Log4j internet bug, among other "significant cybersecurity events that affect government, business and critical infrastructure."
It'll have 15 members, according to the report, and like any good government entity, it will be tasked with publishing reports on findings and recommendations. Sounds very official, doesn't it?
The board is being "modeled loosely" on the National Transportation Safety Board in the sense that its authority is derived from an executive order signed by the President.
But it isn't an independent board, like the NTSB. Instead, it will be a part of the Department of Homeland Security.
Homeland Security Secretary Alejandro Mayorkas said: “It is not a regulatory authority, it is not a board that is searching for or focused upon accountability or fault. We are going to be looking at ourselves, we are going to be looking at one another, and that really underscores the purpose of this board—to not focus on fault.”
The board will be chaired by Rob Silvers, the undersecretary for policy at DHS and a lawyer with experience in cybersecurity issues, the WSJ reported. “This is something that has been missing from the ecosystem until now,” he said.
The board will be used to help cybersecurity agencies at the NSA and elsewhere at Homeland Security liaise with one another.
The Board expects to complete its review into the Log4j flaw - "a free piece of code that logs activity in computer networks and applications" - by May. Just in time for it to already be obsolete.
Democratic Sen. Mark Warner of Virginia, chairman of the Senate Intelligence Committee and co-chairman of the Senate cybersecurity caucus, concluded: “It’s only a matter of when, not if, we face another widespread cyber breach that threatens our national security. I was glad to see this NTSB-like function included in the president’s May 2021 executive order on cybersecurity, and this is a good first step to establishing such a capability.”