Nick Jones – CISO – TUI.com
Session Title: Log4j – Washup and Key Learnings – CISO actions for Supply Chain Disruption
How have you and your organisation dealt with the log4j vulnerability. Nick’s team and his IT organisation suffered a lot of pain, long nights, missed family events and disruption over Christmas, how do we prepare ourselves to better respond to these supply chain events. A few key learnings from Nick;
- – We have poor inventory systems and lack of automation in identifying devices, software versions and product owners – Who has some good practice to share?
- – Moving from an incident to a major remediation program is a process and mind shift – How do you manage this effectively?
- – We’ve now had a number of supply chain incidents – How do we as a CISO community respond proactively?
It would be great to hear your thoughts and to share good practices to ensure that we are all more secure going forwards.