In January 2025, President Donald Trump dismissed members of the Cyber Safety Review Board (CSRB), a group of cybersecurity experts from multiple government agencies and the private sector.
The CSRB, established under President Joe Biden in 2022, investigated breaches and made recommendations for businesses, government agencies and individuals to better protect themselves. The board was modeled after the National Transportation Safety Board.
U.S. Sens. Mark R. Warner of Virginia, Vice Chairman of the Senate Select Committee on Intelligence, Ron Wyden of Oregon, a member of the Senate Select Committee on Intelligence, and Richard Blumenthal of Connecticut and Elissa Slotkin of Michigan, both members of the Senate Committee on Homeland Security & Governmental Affairs, wrote to Department of Homeland Security Secretary Kristi Noem urging her to reestablish the CSRB.
“The CSRB played a vital role in U.S. national security carrying out post-incident reviews and providing information and making recommendations to improve public and private sector cyber security. Therefore, we urge you to swiftly reconstitute the Board with qualified leaders to shape our nation’s cyber response,” the senators wrote.
They highlighted the key work that CSRB has done to investigate some of the most serious cyber incidents our country has faced, including Salt Typhoon, a breach believed to be perpetrated by the People’s Republic of China (PRC) that compromised U.S. and global telecommunications infrastructure.
“Against the backdrop of repeated insistence by this Administration on the need to leverage private sector and external expertise in government, the decision to dismantle this successful collaboration between the federal government and the private sector is particularly confounding. The CSRB has spearheaded crucial fact-finding efforts following cyber incidents, and developed recommendations and reports reflecting lessons learned following some of the most serious cyber incidents of the past few years, such as the Microsoft Exchange Online intrusion, the SolarWinds hack, and most recently (until the CSRB’s dissolution) the Salt Typhoon campaign against U.S telecommunications infrastructure.”
The senators concluded: “As we have said before, inadequate cyber security practices put our economy, our national security and even lives at risk. The January dismissal of CSRB members, and continued uncertainty about the future role of the Board, has undermined cyber defense preparations for public and private entities across the United States. In this age of great innovation, we cannot afford to see our private or public systems compromised by malicious actors. You have had more than four months to reestablish this Board to conduct this critical work – DHS leadership and CISA must work together to immediately reinstate the Board as a crucial part of America’s cyber defense infrastructure.”