The Department of Homeland Security’s Cyber Safety Review Board (CSRB) will review cloud security and the recent Microsoft Exchange breach.
Microsoft came under fire after US government email accounts were hacked by Chinese hackers targeting the company’s cloud services. Senator Ron Wyden called for the DOJ, CISA, and the FTC to investigate the company, and security firm Tenable’s CEO, Amit Yoran, says Microsoft has been “grossly irresponsible” with its Azure security.
In the wake of the issues, the CSRB will review cloud security in general and Microsoft’s breach in particular.
“Organizations of all kinds are increasingly reliant on cloud computing to deliver services to the American people, which makes it imperative that we understand the vulnerabilities of that technology,” said Secretary of Homeland Security Alejandro N. Mayorkas. “Cloud security is the backbone of some of our most critical systems, from our e-commerce platforms to our communication tools to our critical infrastructure. In its reviews of the Log4j vulnerabilities and activities associated with Lapsus$, the CSRB has proven itself to be ready to tackle and examine critical and timely issues like this one. Actionable recommendations from the CSRB will help all organizations better secure their data and further cyber resilience.”