The CSRB conducted an exhaustive review of the events surrounding the December 2021 disclosure of a vulnerability in #Log4j, which led to one of the most intensive cybersecurity responses in history. Highlights from the report 🧵 1/
#Log4j is one of the most serious software vulnerabilities ever. It’s an endemic vulnerability and unpatched versions will remain in systems for years to come, perhaps a decade or longer. The #Log4j event is not over. Risk remains and network defenders must stay vigilant. 2/
Many companies could not quickly identify where in their environments they had vulnerable code, revealing opportunities to increase software transparency and capacity to respond quickly to newly-discovered vulnerabilities. 3/
The CSRB raised concerns over Chinese government regulations on vulnerability disclosure, which could be used to get early access to newly-discovered vulnerabilities to exploit for malicious purposes. The report outlines what the Board heard from the Chinese government. 4/
This event highlighted security risks unique to the thinly-resourced, volunteer-led open source software community. Industry & the federal government must commit more resources to supporting open source software security. 5/
Software developers often do not have access to training programs in secure software development practices. The CSRB recommended that universities and community colleges should require a cybersecurity component for all #ComputerScience degrees & certifications. 6/
Read more and see the full CSRB #Log4j report here ➡️ cisa.gov/cyber-safety-r… 7/7

Thread by Under Secretary Rob Silvers (@DHS_Policy).