CISO Playbook: Log4j Response - What We Did, What We LearnedJohn Bassett and Martin Dinel on Responders, Vendors and Outdated Response Plans
The Apache Log4j vulnerability capped the end of a long year for CISOs and incident responders, and it left them with a mitigation project that carries them well into the New Year. CISOs John Bassett and Martin Dinel discuss how their teams have tackled Log4j - and significant lessons learned.
See Also: Beginners Guide to Observability
In this video interview with Information Security Media Group, Bassett and Dinel - both executive members of the CyberEdBoard - discuss:
- Initial response to the Log4j vulnerability;
- Lessons learned from mitigation efforts;
- Advice to other security leaders overseeing their own mitigation efforts.
Bassett is a seasoned IT specialist with more than 25 years of experience as a software engineer, network manager, systems implementer and JD Edwards EnterpriseOne technology expert. He is responsible for conducting architectural requirement analyses for clients, including load balancing, SSL, high availability and disaster recovery and is based in the company’s office in Mansfield, Ohio.
Dinel is a trusted information technology and cybersecurity professional with over 33 years of leadership experience in the industry. As CISO for the Government of Alberta since August 2015, he is defining the government’s vision and strategy to counter cyberthreat and ensure that the information of Albertans is protected.
CyberEdBoard is ISMG’s premier members-only community of senior-most executives and thought leaders in the fields of security, risk, privacy and IT. CyberEdBoard provides executives with a powerful, peer-driven collaborative ecosystem, private meetings and a library of resources to address complex challenges shared by thousands of CISOs and senior security leaders located in 65 different countries worldwide.
Join the Community - CyberEdBoard.io.