Activity: Talk › Talk at other event (Science-to-Professionals/Public)
Description
Critical security vulnerabilities in IT components of ubiquitously used IT solution stacks can represent a systemic risk to the integrity of digital infrastructures and the functioning of digital society. For example, the Log4Shell vulnerability (CVE-2021-44228) in the Log4j Java logging component, which became public in December 2021, affected countless global IT platforms, including Twitter, Apple iCloud and Steam. The talk will address how organizations can avoid adverse impact by implementing stringent security governance guided by frameworks including CVSS (Common Vulnerability Scoring System) and MITRE ATT&CK, and by the continuous auditing of suppliers and IT solutions providers.
Period
13 Jan. 2022
Event title
Practitioner Talk in Information Systems Management and Accountability Course
Event type
Not specified
Austrian Classification of Fields of Science (ÖFOS)