Activity: Talk or presentation › Science to professionals/public
Description
Critical security vulnerabilities in IT components of ubiquitously used IT solution stacks can represent a systemic risk to the integrity of digital infrastructures and the functioning of digital society. For example, the Log4Shell vulnerability (CVE-2021-44228) in the Log4j Java logging component, which became public in December 2021, affected countless global IT platforms including Twitter, Apple iCloud and Steam. The talk will address how organizations can avoid adverse impact by implementing stringent security governance guided by frameworks including CVSS (Common Vulnerability Scoring System) and MITRE ATT&CK, and by the continuous auditing of suppliers and IT solutions providers.
Period
13 Jan 2022
Event title
Practitioner Talk in Information Systems Management and Accountability Course
Event type
Unknown
Austrian Classification of Fields of Science and Technology (ÖFOS)