When the toy blocks tower collapses – Controlling critical vulnerabilities in IT architectures

Activity: Talk / Talk at other event (Science-to-Professionals/Public)

Description

Critical security vulnerabilities in IT components of ubiquitously used IT solution stacks can pose a systemic risk to the integrity of digital infrastructures and the functioning of digital society. For example, the Log4Shell vulnerability (CVE-2021-44228) in the Log4j Java logging component, which became public in December 2021, affected countless global IT platforms, including Twitter, Apple iCloud and Steam. The talk will address how organizations can avoid adverse impact by implementing stringent security governance guided by frameworks including CVSS (Common Vulnerability Scoring System) and MITRE ATT&CK, and by continuously auditing suppliers and IT solution providers.
Period: 13 Jan. 2022
Event title: Practitioner Talk in Information Systems Management and Accountability Course
Event type: Not specified

Austrian Fields of Science and Technology Classification (ÖFOS)

  • 102016 IT security