Learning From log4j: How to Keep Government Applications Secure


This event qualifies for .15 CEUs

This event qualifies for 1.5 CPEs

This event qualifies for 1.5 CLPs


When the log4j vulnerability was first identified in late 2021, the Cybersecurity and Infrastructure Security Agency responded very rapidly, including giving all federal agencies less than a week to identify and patch all their affected systems, and coordinating a nationwide response to encourage the private sector to do the same.

 

But the vulnerability is likely to dog agencies and the private sector alike for years. There are at least two reasons for this: First, it targets the logging systems that myriad developers have used; second, it’s so widely used because it’s open source – developers just grabbed it, inserted it, and trusted it. One software supply chain company estimated that one out of every four log4j downloads is still vulnerable today.

 

Join us as thought leaders from government and industry discuss how log4j affected their operations, how they responded, and what steps they are taking now to be prepared for the next widespread vulnerability.

 

We’ll Discuss:

  • Review the weaknesses in the open source system that allow identified vulnerabilities to go unaddressed
  • Delineate steps to take to find where open source code is being used in current systems and confirm they do not need patches
  • Outline the best practices agencies should follow to get ready in advance for future attacks through flawed open source code

Speaker and Presenter Information

Solomon Adote, Chief Security Officer, Delaware Department of Technology & Information

Solomon Adote

Cheif Security Officer

Delaware Department of Technology and Information

 

West Coile, Assistant Director, Center for Enhanced Cybersecurity, GAO

West Coile

Assistant Director,

Center for Enhanced Cybersecurity,

U.S. GAO

 

 Sarah Nur, Chief Information Security Officer, Department of Treasury

Sarah Nur

Associate Chief Security Officer

Chief Information Security Officer

IRS

 

Willie Hicks, Public Sector Chief Technology Officer, Dynatrace

 

Willie Hicks

Public Sector Chief Technology Officer,

Dynatrace

 

Moderated by:

John Breeden, Moderator & Contributing Editor, FedInsider

John Breeden II

Contributing Editor, FedInsider

Relevant Government Agencies

Air Force, Army, Navy & Marine Corps, Intelligence Agencies, DOD & Military, Office of the President (includes OMB), Dept of Agriculture, Dept of Commerce, Dept of Education, Dept of Energy, Dept of Health & Human Services, Dept of Homeland Security, Dept of Housing & Urban Development, Dept of the Interior, Dept of Justice, Dept of Labor, Dept of State, Dept of Transportation, Dept of Treasury, Dept of Veterans Affairs, EPA, GSA, USPS, SSA, NASA, Other Federal Agencies, Legislative Agencies (GAO, GPO, LOC, etc.), Judicial Branch Agencies, State Government, County Government, City Government, Municipal Government, CIA, FEMA, Census Bureau, Office of Personnel Management, Coast Guard, National Institutes of Health, FAA, USAID, State & Local Government, National Guard Association, EEOC, Federal Government, FDA, Foreign Governments/Agencies, NSA, FCC

Members who viewed this event also viewed:


Event Type
Webcast


This event has no exhibitor/sponsor opportunities


When
Wed, Jun 21, 2023, 2:00pm - 3:30pm ET


Cost
Complimentary:    $ 0.00


Website
Click here to visit event website


Event Sponsors


Organizer
FEDINSIDER


Contact Event Organizer


Join the event conversation:
@FedInsider
#technology #cybersecurity #cyberawareness


Return to search results