Several other regulatory steps and Congress' 60-day period to review the defense industrial base's new cybersecurity standard still loom before it takes effect.
By not investigating how the SolarWinds hack exploited Microsoft software, the Cyber Safety Review Board missed an opportunity to prevent attacks, experts say.