This is a ProPublica story. Why not post that instead of the ArsTechnica reprint?
The difference for folks in the EU is that ProPublica does not use tracking cookies, and therefore we don’t have to click through their GDPR notice.
Do you have a link to it?
https://www.propublica.org/article/cyber-safety-board-never-investigated-solarwinds-breach-microsoft
A full, public accounting of what happened in the Solar Winds case would have been devastating to Microsoft. ProPublica recently revealed that Microsoft had long known about — but refused to address — a flaw used in the hack. The tech company’s failure to act reflected a corporate culture that prioritized profit over security and left the U.S. government vulnerable, a whistleblower said.
…
So far, the Cyber Safety Review Board has charted a different path.
The board is not independent — it’s housed in the Department of Homeland Security. Rob Silvers, the board chair, is a Homeland Security undersecretary. Its vice chair is a top security executive at Google. The board does not have full-time staff, subpoena power or dedicated funding.
Incidentally, this is why people have zero faith in the modern Democratic Party. You get these big fanfare addresses by a President, which consistently resolve into these empty bureaucratic fixtures with neither the inclination nor the authority to perform their stated tasks.