Cyber safety board report directs CISA to verify cloud security best practices for service providers

The Cyber Safety Review Board’s investigation into the Microsoft Exchange intrusion offers several best practices for cloud service providers and will result in the Cybersecurity and Infrastructure Security Agency embarking on an effort to verify their compliance annually under a recommendation from the group’s latest report.

“In the course of its review, the Board spoke with a range of large CSPs to assess the state of their security practices, and -- as is also its mandate -- the Board today...