Inside the Briefcase

Webcast: HOW TO SCALE A DATA LITERACY PROGRAM AT YOUR ORGANIZATION

Webcast: HOW TO SCALE A DATA LITERACY PROGRAM AT YOUR ORGANIZATION

Join data & analytics leaders from Starbucks, Cardinal Health,...

How EverQuote Democratized Data Through Self-Service Analytics

How EverQuote Democratized Data Through Self-Service Analytics

During our recent webinar on scaling self-service analytics, AtScale...

How Analytics Governance Empowers Self-Service BI

How Analytics Governance Empowers Self-Service BI

The benefit of implementing analytics policies at the semantic...

How To Create A Powerful SMS Marketing Strategy

How To Create A Powerful SMS Marketing Strategy

Many small businesses are looking for more ways to...

Emerging Frameworks & Technologies that Combat the Rising Threat of Cyber Attacks

Emerging Frameworks & Technologies that Combat the Rising Threat of Cyber Attacks

The creation of the first computer virus in 1971...

A Case Study in Appropriately Responding to the Log4J Cybersecurity Vulnerability

January 7, 2022 No Comments

Just in time for the holiday season, and at a time when cybercriminals are generally most active, industry experts discovered a critical vulnerability in a software commonly used by companies. The software, Apache Log4j, is a popular Java library for logging in applications. The vulnerability enables a remote attacker to take control of a device, potentially enabling cybercriminals the opportunity to steal sensitive data and deploy ransomware.

To combat this potentially devastating operational and legal outcome, IT security teams have been feverishly implementing patches to fix this vulnerability. Over the holidays, network scanners everywhere have been abuzz, searching for unpatched vulnerable systems. However, many organizations have found that they lack full inventories of all the software they use, making patching difficult and a never-ending game of whack-a-mole. Further, vendors and cloud-service providers are still struggling to issue fixes to all of their software products.

To add to the feeling of exhaustion and discontent, researchers say this flaw has been around for years, some estimate back as far as 2015. According to the US Cybersecurity and Infrastructure Security Agency (CISA) director Jen Easterly, the vulnerability is already being used by a “growing set of threat actors.” As such, industry experts expect that this incident will follow a pattern like the recent Hafnium attacks, where the whack-a-mole approach proved far from sufficient.

Read Full Article..

Tags: , DATA SECURITY, Featured Blogs

Sorry, the comment form is closed at this time.

ADVERTISEMENT

Gartner