In the final days of the Biden administration, Anne Neuberger, the deputy national security adviser for cyber and emerging technology, reflected on her team’s achievements, highlighting the establishment of baseline cybersecurity requirements for critical infrastructure, with one hundred percent compliance among U.S. pipelines. 70% of railways now comply with their baseline requirements. She added that 60% of airports also follow new requirements, as of last week.
U.S. prosecutors have linked the arrest of Army communications specialist Cameron John Wagenius to a significant theft of phone records from AT&T and Verizon. Wagenius was arrested in Texas on December 20 and is accused of unlawfully transferring confidential phone records as part of a larger scheme involving hackers who breached the cloud computing company Snowflake. Approximately 50 billion records were compromised, affecting numerous companies, including AT&T, which lost nearly all its customer call records. Prosecutors stated that both Wagenius and the alleged hackers are connected through overlapping evidence in the case. Wagenius is currently detained in Washington state as investigations continue into this extensive cyberattack.
President Donald Trump has dismissed all members of the Cyber Safety Review Board within the Department of Homeland Security, including former CISA head Chris Krebs. This action comes as the board was investigating the Chinese state-sponsored hacking group known as Salt Typhoon, responsible for breaches in at least nine telecommunications networks in recent months. Acting Secretary of Homeland Security Benjamine C. Huffman stated that the dismissals were intended to prevent a “misuse of resources.” The future of the Cyber Safety Review Board remains uncertain, with the letter indicating that dismissed members may reapply in the future. The board was originally formed as part of President Biden’s 2021 executive order aimed at reviewing significant cyber incidents affecting the federal executive branch.
Why do we care?
I’m struck by the dichotomy of the previous team laying out their data of what was accomplished, and the incoming team firing investigators. As one focused on network security, I’d like to understand the “how” behind the Salt Typhoon breaches. The letter dismissing the group includes potentials for new committees. We care to see if that is reformed.
Because the data shows that focus on these efforts brings results.

