Reading the #CSRB report on the 2023 Microsoft Exchange intrusion and… wow. I don't think I've ever seen a government report at this level that is so sharply worded.
Cyber Safety Review Board Releases Report on Microsoft Online Exchange Incident from Summer 2023
Highly recommend you do so, or at least read the executive summary its 🔥
"The Board finds that this intrusion was preventable and should never have occurred. The Board also concludes that Microsoft’s security culture was inadequate and requires an overhaul..."
US cyber safety board to analyze Microsoft Exchange hack of govt emails
The Department of Homeland Security's Cyber Safety Review Board (#CSRB) has announced plans to conduct an in-depth review of cloud security practices following recent Chinese hacks of Microsoft Exchange accounts used by US government agencies.
The CSRB is a collaboration of public and private sectors, created to conduct in-depth investigations that offer a better understanding of critical events, discern root causes, and issue informed recommendations on cybersecurity.
In this case, CSRB will explore how the government, industry, and cloud service providers (CSPs) can bolster #identity#management and #authentication in the cloud and develop actionable #cybersecurity recommendations for all stakeholders.