Secretary of Homeland Security Alejandro N. Mayorkas announced the Cyber Safety Review Board will undertake a review focused on the security of cloud computing environments, particularly addressing identity management and authentication.
This review, prompted by the recent Microsoft Exchange Online intrusion and its implications for cloud-based identity and authentication infrastructure, will provide actionable recommendations to enhance cybersecurity practices for both Cloud Service Providers (CSPs) and their customers, according to an Aug. 11 news release.
"Organizations of all kinds are increasingly reliant on cloud computing to deliver services to the American people, which makes it imperative that we understand the vulnerabilities of that technology," Mayorkas said in the release. "Cloud security is the backbone of some of our most critical systems, from our e-commerce platforms to our communication tools to our critical infrastructure. In its reviews of the Log4j vulnerabilities and activities associated with Lapsus$, the CSRB has proven itself to be ready to tackle and examine critical and timely issues like this one."
This assessment will focus on the strategic measures that ought to be adopted by government entities, industries and CSPs to enhance the potency of identity management and authentication within the cloud framework, the release reported.
Specifically, the CSRB will scrutinize the recent incursion into Microsoft Exchange Online, initially disclosed in July 2023, while concurrently conducting a comprehensive examination of broader quandaries concerning cloud-based identity and authentication infrastructure, thereby impacting relevant CSPs and their clienteles, the release said.
DHS commenced contemplation of the appropriateness of this incident for the board's forthcoming assessment immediately upon being apprised of the occurrence in July, the release reported. The ensuing course of action for the CSRB involves devising practical recommendations aimed at advancing cybersecurity protocols for both cloud computing beneficiaries and the CSPs themselves.
Following the conclusion of this endeavor, the resultant report will be presented to President Joseph R. Biden Jr. by way of Mayorkas, in tandem with the guidance of Cybersecurity and Infrastructure Security Agency Director Jen Easterly, the release said.
The CSRB represents an unparalleled amalgamation of public and private initiatives, uniting leaders from governmental and industrial spheres to deepen our comprehension of substantial cybersecurity occurrences, the release reported. This initiative delves into the underlying causative factors, mitigatory approaches and responsive actions following these incidents, ultimately culminating in recommendations that emanate from the insights gleaned during the aftermath of such events.
The CSRB's maiden investigation was centered on vulnerabilities unearthed in the widely utilized Log4j open-source software library, a discovery made toward the end of 2021. Its subsequent evaluation, publicly released recently, delved into the assaults attributed to Lapsus$, a global hacker conglomerate that is driven by extortion motives, according to the release.
Notably, the CSRB deduced Lapsus$ adroitly harnessed uncomplicated methodologies to outmaneuver conventional security tools, which stand as pivotal components within a multitude of corporate cybersecurity paradigms. To counter this, the CSRB formulated 10 actionable recommendations, with the intent of empowering governments, corporations and civil society to enhance their defense mechanisms against the likes of Lapsus$ and analogous entities, the release said.
