Readout Of CISA Call With Critical Infrastructure Partners On Log4j Vulnerabilities And The Need For Increased Vigilance This Holiday Season

WASHINGTON – This afternoon, the Cybersecurity and Infrastructure Security Agency (CISA) held a call with critical infrastructure entities from the public and private sectors to emphasize the importance of remaining vigilant against cyber threats over the holiday season, particularly with the widespread exploitation of vulnerabilities in the Log4j software, which pose a severe risk to network security. The call was led by CISA Director Jen Easterly and included updates from CISA’s Executive Assistant Director for Cybersecurity, Eric Goldstein. Nearly 5,000 people dialed in.

Director Easterly highlighted best practices and guidance CISA has made available to help our partners, including the recently released CISA Insights: Preparing for and Mitigating Potential Cyber Threats. With the holidays around the corner, CISA recommends all organizations – regardless of size – take the following steps to safeguard themselves against cyber threats:

  • Exercise incident response and recovery playbooks;
  • Open information sharing channels with the U.S. government;
  • Consider a heightened monitoring and response posture and adequate staffing for SOCs and response teams; and
  • Refresh and exercise continuity of operations plans.

Read more…
Source: U.S. Cybersecurity and Infrastructure Security Agency