Session Leaders:

Nick Jones – CISO – TUI.com

Session Title: Log4j – Washup and Key Learnings – CISO actions for Supply Chain Disruption

Session Synopsis:

How have you and your organisation dealt with the log4j vulnerability.  Nick’s team and his IT organisation suffered a lot of pain, long nights, missed family events and disruption over Christmas, how do we prepare ourselves to better respond to these supply chain events.  A few key learnings from Nick;

• – We have poor inventory systems and lack of automation in identifying devices, software versions and product owners – Who has some good practice to share?
• – Moving from an incident to a major remediation program is a process and mind shift – How do you manage this effectively?
• – We’ve now had a number of supply chain incidents – How do we as a CISO community respond proactively?

It would be great to hear your thoughts and to share good practices to ensure that we are all more secure going forwards.